d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com Open in urlscan Pro
2a03:b0c0:3:d0::35:d001 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
Submission: On September 21 via manual (September 21st 2019, 5:55:22 pm UTC) from US

Summary HTTP 17 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2a03:b0c0:3:d0::35:d001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on February 20th 2018. Valid for: 3 years.

This is the only time d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
9	2a03:b0c0:3:d... 2a03:b0c0:3:d0::35:d001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
4 8	207.241.233.214 207.241.233.214	7941 (INTERNET-...) (INTERNET-ARCHIVE - Internet Archive)
1 2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
17	5

9 2a03:b0c0:3:d0::35:d001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)

d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 207.241.233.214 (United States) 4 redirects

ASN7941 (INTERNET-ARCHIVE - Internet Archive, US)
PTR: wwwb-front4.us.archive.org

web.archive.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	htmlpasta.com d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com	28 KB
8	archive.org 4 redirects web.archive.org	16 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	184 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	164 B
17	6

	Domain	Requested by
9	d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com	d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
8	web.archive.org	4 redirects d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
2	www.google-analytics.com	1 redirects d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
1	www.google.de	d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
17	6

This site contains links to these domains. Also see Links.

Domain
archive.org
faq.web.archive.org
web.archive.org

Subject Issuer	Validity	Valid
*.htmlpasta.com COMODO RSA Domain Validation Secure Server CA	`2018-02-20` - `2021-02-19`	3 years	crt.sh
*.archive.org Go Daddy Secure Certificate Authority - G2	`2016-12-19` - `2020-02-21`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
Frame ID: BA63264468C1329168BECDD016054FDE
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

17
Requests

88 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

60 kB
Transfer

136 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://archive.org/account/login.php
Title:

Search URL Search Domain Scan URL

URL: http://faq.web.archive.org/

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190611230723/https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2FManageAccount&followup=https%3A%2F%2Faccounts.google.com%2FManageAccount
Title: Jun

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190710230743/https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2FManageAccount&followup=https%3A%2F%2Faccounts.google.com%2FManageAccount

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20180711230723/https://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.google.com%2FManageAccount&followup=https%3A%2F%2Faccounts.google.com%2FManageAccount
Title: 2018

Search URL Search Domain Scan URL

URL: https://archive.org/details/ArchiveIt-Partner-1067
Title: Political TV Ad Archive

Search URL Search Domain Scan URL

URL: https://archive.org/details/ArchiveIt-Collection-6793
Title: Candidates

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190711230840/https://accounts.google.com/signin/usernamerecovery?continue=https%3A%2F%2Faccounts.google.com%2FManageAccount&hl=en
Title: Find my account

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190711230840/https://accounts.google.com/AccountChooser?continue=https%3A%2F%2Faccounts.google.com%2FManageAccount&followup=https%3A%2F%2Faccounts.google.com%2FManageAccount
Title: Sign in with a different account

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190711230840/https://accounts.google.com/SignUp?continue=https%3A%2F%2Faccounts.google.com%2FManageAccount
Title: Create account

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190711230840/https://www.google.com/intl/en/about
Title: About Google

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190711230840/https://accounts.google.com/TOS?loc=US&hl=en&privacy=true
Title: Privacy

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190711230840/https://accounts.google.com/TOS?loc=US&hl=en
Title: Terms

Search URL Search Domain Scan URL

URL: https://web.archive.org/web/20190711230840/http://www.google.com/support/accounts?hl=en
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://web.archive.org/web/20190711230840im_/https://ssl.gstatic.com/accounts/ui/avatar_2x.png HTTP 302
https://web.archive.org/web/20190711214457im_/https://ssl.gstatic.com/accounts/ui/avatar_2x.png

Request Chain 9

https://web.archive.org/web/20190711230840im_/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png HTTP 302
https://web.archive.org/web/20190711230906im_/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png

Request Chain 11

https://web.archive.org/web/20190711230840im_/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png HTTP 302
https://web.archive.org/web/20190711230903im_/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png

Request Chain 12

https://web.archive.org/web/20190711230840im_/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png HTTP 302
https://web.archive.org/web/20190711214513im_/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png

Request Chain 15

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1795000868&t=pageview&_s=1&dl=https%3A%2F%2Fd917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com%2F&dp=%2Fd917cca9-ac04-4509-bf04-634198565e9e.html&ul=en-us&de=windows-1252&dt=Sign%20in%20-%20Google%20Accounts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=506918626&gjid=1331330423&cid=1940997926.1569088490&tid=UA-75065234-3&_gid=199206229.1569088490&_r=1&z=558471565 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75065234-3&cid=1940997926.1569088490&jid=506918626&_gid=199206229.1569088490&gjid=1331330423&_v=j79&z=558471565 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75065234-3&cid=1940997926.1569088490&jid=506918626&_v=j79&z=558471565 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75065234-3&cid=1940997926.1569088490&jid=506918626&_v=j79&z=558471565&slf_rd=1&random=3744276390

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/ 83 KB
26 KB 57ms
6ms Document
text/html 2a03:b0c0:3:d0::35:d001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:3:d0::35:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 27872c7d61e2c721d7fb69357e8cd373d777f481800349b87c852510326e6f3f

Request headers

:method: GET
:authority: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx/1.10.3 (Ubuntu)
date: Sat, 21 Sep 2019 17:54:49 GMT
content-type: text/html
content-encoding: gzip

GET
H2 404 timestamp.js
d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/js/ 0
0 6ms
5ms Script
text/html 2a03:b0c0:3:d0::35:d001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/js/timestamp.js
Requested by: Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:3:d0::35:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 21 Sep 2019 17:54:49 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
content-type: text/html

GET
H2 404 graph-calc.js
d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/js/ 0
0 7ms
6ms Script
text/html 2a03:b0c0:3:d0::35:d001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/js/graph-calc.js
Requested by: Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:3:d0::35:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 21 Sep 2019 17:54:49 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
content-type: text/html

GET
H2 404 auto-complete.js
d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/js/ 0
0 7ms
6ms Script
text/html 2a03:b0c0:3:d0::35:d001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/js/auto-complete.js
Requested by: Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:3:d0::35:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 21 Sep 2019 17:54:49 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
content-type: text/html

GET
H2 404 toolbar.js
d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/js/ 0
0 7ms
6ms Script
text/html 2a03:b0c0:3:d0::35:d001
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/js/toolbar.js
Requested by: Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:3:d0::35:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 21 Sep 2019 17:54:49 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
content-type: text/html

GET
H2 404 wayback-toolbar-logo.png
d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/images/toolbar/ 580 B
580 B 7ms
7ms Image
text/html 2a03:b0c0:3:d0::35:d001
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/images/toolbar/wayback-toolbar-logo.png
Requested by: Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:3:d0::35:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9e3dad9d075c73dc68d76bdfee5a2400bb8da07094c1059544b434177a8789f0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 21 Sep 2019 17:54:49 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
content-type: text/html

GET
H2 404 wm_tb_prv_on.png
d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/images/toolbar/ 580 B
580 B 8ms
7ms Image
text/html 2a03:b0c0:3:d0::35:d001
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/images/toolbar/wm_tb_prv_on.png
Requested by: Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:3:d0::35:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9e3dad9d075c73dc68d76bdfee5a2400bb8da07094c1059544b434177a8789f0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 21 Sep 2019 17:54:49 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
content-type: text/html

GET
H2 404 wm_tb_nxt_off.png
d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/images/toolbar/ 580 B
580 B 6ms
5ms Image
text/html 2a03:b0c0:3:d0::35:d001
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/images/toolbar/wm_tb_nxt_off.png
Requested by: Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:3:d0::35:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9e3dad9d075c73dc68d76bdfee5a2400bb8da07094c1059544b434177a8789f0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 21 Sep 2019 17:54:49 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
content-type: text/html

GET
H2 404 loading.gif
d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/images/ 580 B
580 B 7ms
6ms Image
text/html 2a03:b0c0:3:d0::35:d001
DigitalOcean

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/_static/images/loading.gif
Requested by: Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:b0c0:3:d0::35:d001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9e3dad9d075c73dc68d76bdfee5a2400bb8da07094c1059544b434177a8789f0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 21 Sep 2019 17:54:49 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding
content-type: text/html

GET
H2

200

avatar_2x.png
web.archive.org/web/20190711214457im_/https://ssl.gstatic.com/accounts/ui/
Redirect Chain

https://web.archive.org/web/20190711230840im_/https://ssl.gstatic.com/accounts/ui/avatar_2x.png
https://web.archive.org/web/20190711214457im_/https://ssl.gstatic.com/accounts/ui/avatar_2x.png

626 B
2 KB

1908ms
1908ms

Image
image/png

207.241.233.214
Internet Archive

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.archive.org/web/20190711214457im_/https://ssl.gstatic.com/accounts/ui/avatar_2x.png

Requested by

Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.241.233.214 , United States, ASN7941 (INTERNET-ARCHIVE - Internet Archive, US),

Reverse DNS

wwwb-front4.us.archive.org

Software

nginx/1.15.8 /

Resource Hash

cdcc6d6dcda827a694dce8bfa9a1ab41113b629ef1cc11f886866af9194c81d0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org

Request headers

Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Sep 2019 17:54:52 GMT
x-archive-orig-last-modified: Thu, 21 Apr 2016 03:17:22 GMT
x-archive-orig-alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-app-server: wwwb-app102
x-cache-key: httpsweb.archive.org/web/20190711214457im_/https://ssl.gstatic.com/accounts/ui/avatar_2x.pngDE
x-location: All
status: 200
memento-datetime: Thu, 11 Jul 2019 21:44:57 GMT
x-archive-orig-age: 244056
x-archive-src: ARCHIVEIT-642-WEEKLY-JOB944067-SEED962055-20190711-00000/ARCHIVEIT-642-WEEKLY-JOB944067-SEED962055-20190711203727406-00000-h3.warc.gz
x-ts: ----
x-archive-guessed-content-type: image/png
x-archive-orig-server: sffe
x-archive-orig-accept-ranges: bytes
server: nginx/1.15.8
x-archive-orig-x-content-type-options: nosniff
x-archive-orig-cache-control: public, max-age=31536000
content-type: image/png
x-archive-orig-x-xss-protection: 0
cache-control: max-age=1800
x-page-cache: MISS
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org
x-archive-orig-date: Tue, 09 Jul 2019 01:57:21 GMT
x-archive-orig-content-length: 626
link: <https://ssl.gstatic.com/accounts/ui/avatar_2x.png>; rel="original", <https://web.archive.org/web/timemap/link/https://ssl.gstatic.com/accounts/ui/avatar_2x.png>; rel="timemap"; type="application/link-format", <https://web.archive.org/web/https://ssl.gstatic.com/accounts/ui/avatar_2x.png>; rel="timegate", <https://web.archive.org/web/20131017181436/https://ssl.gstatic.com/accounts/ui/avatar_2x.png>; rel="first memento"; datetime="Thu, 17 Oct 2013 18:14:36 GMT", <https://web.archive.org/web/20190711205012/https://ssl.gstatic.com/accounts/ui/avatar_2x.png>; rel="prev memento"; datetime="Thu, 11 Jul 2019 20:50:12 GMT", <https://web.archive.org/web/20190711214457/https://ssl.gstatic.com/accounts/ui/avatar_2x.png>; rel="memento"; datetime="Thu, 11 Jul 2019 21:44:57 GMT", <https://web.archive.org/web/20190712052617/https://ssl.gstatic.com/accounts/ui/avatar_2x.png>; rel="next memento"; datetime="Fri, 12 Jul 2019 05:26:17 GMT", <https://web.archive.org/web/20190921171135/https://ssl.gstatic.com/accounts/ui/avatar_2x.png>; rel="last memento"; datetime="Sat, 21 Sep 2019 17:11:35 GMT"
x-archive-orig-expires: Wed, 08 Jul 2020 01:57:21 GMT

Redirect headers

x-ts: ----
server: nginx/1.15.8
x-app-server: wwwb-app103
x-cache-key: httpsweb.archive.org/web/20190711230840im_/https://ssl.gstatic.com/accounts/ui/avatar_2x.pngDE
date: Sat, 21 Sep 2019 17:54:50 GMT
status: 302
content-type: text/plain; charset=utf-8
location: https://web.archive.org/web/20190711214457im_/https://ssl.gstatic.com/accounts/ui/avatar_2x.png
x-page-cache: MISS
content-length: 0
x-location: All
x-archive-redirect-reason: found capture at 20190711214457

GET
H2

200

universal_language_settings-21.png
web.archive.org/web/20190711230906im_/https://ssl.gstatic.com/images/icons/ui/common/
Redirect Chain

https://web.archive.org/web/20190711230840im_/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png
https://web.archive.org/web/20190711230906im_/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png

199 B
2 KB

1862ms
1862ms

Image
image/png

207.241.233.214
Internet Archive

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.archive.org/web/20190711230906im_/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png

Requested by

Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.241.233.214 , United States, ASN7941 (INTERNET-ARCHIVE - Internet Archive, US),

Reverse DNS

wwwb-front4.us.archive.org

Software

nginx/1.15.8 /

Resource Hash

59404af2d92c53ad1ee9e21b252c07c77dcba810b248a79d6ae989b1ff63c7d6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org

Request headers

Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Sep 2019 17:54:51 GMT
x-archive-orig-last-modified: Thu, 21 Apr 2016 03:17:22 GMT
x-archive-orig-alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-app-server: wwwb-app104
x-cache-key: httpsweb.archive.org/web/20190711230906im_/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.pngDE
x-location: All
status: 200
memento-datetime: Thu, 11 Jul 2019 23:09:06 GMT
x-archive-orig-age: 233735
x-archive-src: ARCHIVEIT-6793-DAILY-JOB944158-SEED1072497-20190711-00000/ARCHIVEIT-6793-DAILY-JOB944158-SEED1072497-20190711230640979-00000-h3.warc.gz
x-ts: ----
x-archive-guessed-content-type: image/png
x-archive-orig-server: sffe
x-archive-orig-accept-ranges: bytes
server: nginx/1.15.8
x-archive-orig-x-content-type-options: nosniff
x-archive-orig-cache-control: public, max-age=31536000
content-type: image/png
x-archive-orig-x-xss-protection: 0
cache-control: max-age=1800
x-page-cache: MISS
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org
x-archive-orig-date: Tue, 09 Jul 2019 06:13:31 GMT
x-archive-orig-content-length: 199
link: <https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png>; rel="original", <https://web.archive.org/web/timemap/link/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png>; rel="timemap"; type="application/link-format", <https://web.archive.org/web/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png>; rel="timegate", <https://web.archive.org/web/20130205215321/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png>; rel="first memento"; datetime="Tue, 05 Feb 2013 21:53:21 GMT", <https://web.archive.org/web/20190711230319/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png>; rel="prev memento"; datetime="Thu, 11 Jul 2019 23:03:19 GMT", <https://web.archive.org/web/20190711230906/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png>; rel="memento"; datetime="Thu, 11 Jul 2019 23:09:06 GMT", <https://web.archive.org/web/20190711233309/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png>; rel="next memento"; datetime="Thu, 11 Jul 2019 23:33:09 GMT", <https://web.archive.org/web/20190921171136/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png>; rel="last memento"; datetime="Sat, 21 Sep 2019 17:11:36 GMT"
x-archive-orig-expires: Wed, 08 Jul 2020 06:13:31 GMT

Redirect headers

x-ts: ----
server: nginx/1.15.8
x-app-server: wwwb-app42
x-cache-key: httpsweb.archive.org/web/20190711230840im_/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.pngDE
date: Sat, 21 Sep 2019 17:54:50 GMT
status: 302
content-type: text/plain; charset=utf-8
location: https://web.archive.org/web/20190711230906im_/https://ssl.gstatic.com/images/icons/ui/common/universal_language_settings-21.png
x-page-cache: MISS
content-length: 0
x-location: All
x-archive-redirect-reason: found capture at 20190711230906

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4276
date: Sat, 21 Sep 2019 16:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Sat, 21 Sep 2019 18:43:33 GMT

GET
H2

200

googlelogo_color_112x36dp.png
web.archive.org/web/20190711230903im_/https://ssl.gstatic.com/images/branding/googlelogo/1x/
Redirect Chain

https://web.archive.org/web/20190711230840im_/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png
https://web.archive.org/web/20190711230903im_/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png

2 KB
4 KB

16944ms
16944ms

Image
image/png

207.241.233.214
Internet Archive

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.archive.org/web/20190711230903im_/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png

Requested by

Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.241.233.214 , United States, ASN7941 (INTERNET-ARCHIVE - Internet Archive, US),

Reverse DNS

wwwb-front4.us.archive.org

Software

nginx/1.15.8 /

Resource Hash

9ecd5e18216a965021f794cc1fd255767f8437ce1dd6c6c2ff4ceea7ccc0073d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org

Request headers

Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Sep 2019 17:55:07 GMT
x-archive-orig-last-modified: Thu, 21 Apr 2016 03:17:22 GMT
x-archive-orig-alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-app-server: wwwb-app104
x-cache-key: httpsweb.archive.org/web/20190711230903im_/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.pngDE
x-location: All
status: 200
x-archive-orig-vary: Origin
memento-datetime: Thu, 11 Jul 2019 23:09:03 GMT
x-archive-orig-age: 228506
x-archive-src: ARCHIVEIT-6793-DAILY-JOB944158-SEED1072497-20190711-00000/ARCHIVEIT-6793-DAILY-JOB944158-SEED1072497-20190711230640979-00000-h3.warc.gz
x-ts: ----
x-archive-guessed-content-type: image/png
x-archive-orig-server: sffe
x-archive-orig-accept-ranges: bytes
server: nginx/1.15.8
x-archive-orig-x-content-type-options: nosniff
x-archive-orig-cache-control: public, max-age=31536000
content-type: image/png
x-archive-orig-x-xss-protection: 0
cache-control: max-age=1800
x-page-cache: MISS
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org
x-archive-orig-date: Tue, 09 Jul 2019 07:40:37 GMT
x-archive-orig-content-length: 2449
link: <https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png>; rel="original", <https://web.archive.org/web/timemap/link/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png>; rel="timemap"; type="application/link-format", <https://web.archive.org/web/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png>; rel="timegate", <https://web.archive.org/web/20150820052855/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png>; rel="first memento"; datetime="Thu, 20 Aug 2015 05:28:55 GMT", <https://web.archive.org/web/20190711230313/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png>; rel="prev memento"; datetime="Thu, 11 Jul 2019 23:03:13 GMT", <https://web.archive.org/web/20190711230903/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png>; rel="memento"; datetime="Thu, 11 Jul 2019 23:09:03 GMT", <https://web.archive.org/web/20190711233306/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png>; rel="next memento"; datetime="Thu, 11 Jul 2019 23:33:06 GMT", <https://web.archive.org/web/20190921141848/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png>; rel="last memento"; datetime="Sat, 21 Sep 2019 14:18:48 GMT"
x-archive-orig-expires: Wed, 08 Jul 2020 07:40:37 GMT

Redirect headers

x-ts: ----
server: nginx/1.15.8
x-app-server: wwwb-app102
x-cache-key: httpsweb.archive.org/web/20190711230840im_/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.pngDE
date: Sat, 21 Sep 2019 17:54:50 GMT
status: 302
content-type: text/plain; charset=utf-8
location: https://web.archive.org/web/20190711230903im_/https://ssl.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_112x36dp.png
x-page-cache: MISS
content-length: 0
x-location: All
x-archive-redirect-reason: found capture at 20190711230903

GET
H2

200

wlogostrip_230x17_1x.png
web.archive.org/web/20190711214513im_/https://ssl.gstatic.com/accounts/ui/
Redirect Chain

https://web.archive.org/web/20190711230840im_/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png
https://web.archive.org/web/20190711214513im_/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png

4 KB
6 KB

2160ms
2160ms

Image
image/png

207.241.233.214
Internet Archive

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.archive.org/web/20190711214513im_/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png

Requested by

Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.241.233.214 , United States, ASN7941 (INTERNET-ARCHIVE - Internet Archive, US),

Reverse DNS

wwwb-front4.us.archive.org

Software

nginx/1.15.8 /

Resource Hash

05cdc120325f04f53e3ec7dbba877500d94db5a47e38fb6a2cc96fa3d1d7664c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org

Request headers

Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 21 Sep 2019 17:54:52 GMT
x-archive-orig-last-modified: Thu, 21 Apr 2016 03:17:22 GMT
x-archive-orig-alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-app-server: wwwb-app58
x-cache-key: httpsweb.archive.org/web/20190711214513im_/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.pngDE
x-location: All
status: 200
memento-datetime: Thu, 11 Jul 2019 21:45:13 GMT
x-archive-orig-age: 274923
x-archive-src: ARCHIVEIT-642-WEEKLY-JOB944067-SEED962055-20190711-00000/ARCHIVEIT-642-WEEKLY-JOB944067-SEED962055-20190711203727406-00000-h3.warc.gz
x-ts: ----
x-archive-guessed-content-type: image/png
x-archive-orig-server: sffe
x-archive-orig-accept-ranges: bytes
server: nginx/1.15.8
x-archive-orig-x-content-type-options: nosniff
x-archive-orig-cache-control: public, max-age=31536000
content-type: image/png
x-archive-orig-x-xss-protection: 0
cache-control: max-age=1800
x-page-cache: MISS
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org analytics.archive.org pragma.archivelab.org
x-archive-orig-date: Mon, 08 Jul 2019 17:23:10 GMT
x-archive-orig-content-length: 4285
link: <https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png>; rel="original", <https://web.archive.org/web/timemap/link/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png>; rel="timemap"; type="application/link-format", <https://web.archive.org/web/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png>; rel="timegate", <https://web.archive.org/web/20150901194549/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png>; rel="first memento"; datetime="Tue, 01 Sep 2015 19:45:49 GMT", <https://web.archive.org/web/20190711204902/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png>; rel="prev memento"; datetime="Thu, 11 Jul 2019 20:49:02 GMT", <https://web.archive.org/web/20190711214513/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png>; rel="memento"; datetime="Thu, 11 Jul 2019 21:45:13 GMT", <https://web.archive.org/web/20190712052614/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png>; rel="next memento"; datetime="Fri, 12 Jul 2019 05:26:14 GMT", <https://web.archive.org/web/20190921141848/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png>; rel="last memento"; datetime="Sat, 21 Sep 2019 14:18:48 GMT"
x-archive-orig-expires: Tue, 07 Jul 2020 17:23:10 GMT

Redirect headers

x-ts: ----
server: nginx/1.15.8
x-app-server: wwwb-app43
x-cache-key: httpsweb.archive.org/web/20190711230840im_/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.pngDE
date: Sat, 21 Sep 2019 17:54:50 GMT
status: 302
content-type: text/plain; charset=utf-8
location: https://web.archive.org/web/20190711214513im_/https://ssl.gstatic.com/accounts/ui/wlogostrip_230x17_1x.png
x-page-cache: MISS
content-length: 0
x-location: All
x-archive-redirect-reason: found capture at 20190711214513

GET mem5YaGs126MiZpBA-UN_r8OUuhs.ttf
web.archive.org/web/20190711230840im_/https://fonts.gstatic.com/s/opensans/v15/ 0
0

GET mem8YaGs126MiZpBA-UFVZ0e.ttf
web.archive.org/web/20190711230840im_/https://fonts.gstatic.com/s/opensans/v15/ 0
0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1795000868&t=pageview&_s=1&dl=https%3A%2F%2Fd917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com%2F&dp=%2Fd917cca9-ac04-4509-bf04-634198565e9e....
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75065234-3&cid=1940997926.1569088490&jid=506918626&_gid=199206229.1569088490&gjid=1331330423&_v=j79&z=558471565
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75065234-3&cid=1940997926.1569088490&jid=506918626&_v=j79&z=558471565
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75065234-3&cid=1940997926.1569088490&jid=506918626&_v=j79&z=558471565&slf_rd=1&random=3744276390

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75065234-3&cid=1940997926.1569088490&jid=506918626&_v=j79&z=558471565&slf_rd=1&random=3744276390

Requested by

Host: d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
URL: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Sep 2019 17:54:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 21 Sep 2019 17:54:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75065234-3&cid=1940997926.1569088490&jid=506918626&_v=j79&z=558471565&slf_rd=1&random=3744276390
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web.archive.org
URL: https://web.archive.org/web/20190711230840im_/https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhs.ttf

Domain: web.archive.org
URL: https://web.archive.org/web/20190711230840im_/https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0e.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com
stats.g.doubleclick.net
web.archive.org
www.google-analytics.com
www.google.com
www.google.de
web.archive.org
207.241.233.214
2a00:1450:4001:81c::2004
2a00:1450:4001:81e::2003
2a00:1450:4001:825::200e
2a00:1450:400c:c09::9a
2a03:b0c0:3:d0::35:d001
05cdc120325f04f53e3ec7dbba877500d94db5a47e38fb6a2cc96fa3d1d7664c
27872c7d61e2c721d7fb69357e8cd373d777f481800349b87c852510326e6f3f
59404af2d92c53ad1ee9e21b252c07c77dcba810b248a79d6ae989b1ff63c7d6
9e3dad9d075c73dc68d76bdfee5a2400bb8da07094c1059544b434177a8789f0
9ecd5e18216a965021f794cc1fd255767f8437ce1dd6c6c2ff4ceea7ccc0073d
cdcc6d6dcda827a694dce8bfa9a1ab41113b629ef1cc11f886866af9194c81d0
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com Open in urlscan Pro 2a03:b0c0:3:d0::35:d001 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

88 %HTTPS

83 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

60 kBTransfer

136 kBSize

0 Cookies

14 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

26 JavaScript Global Variables

0 Cookies

Indicators

d917cca9-ac04-4509-bf04-634198565e9e.htmlpasta.com Open in urlscan Pro
2a03:b0c0:3:d0::35:d001 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

88 %
HTTPS

83 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

60 kB
Transfer

136 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!