scriptpastebin.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://scriptpastebin.com/19974/
Submission Tags: @phish_report
Submission: On July 03 via api (July 3rd 2024, 1:42:41 pm UTC) from FI — Scanned from NL

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 43 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is scriptpastebin.com.
TLS certificate: Issued by WE1 on June 11th 2024. Valid for: a month.

This is the only time scriptpastebin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
6	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4bb1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
43	16

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

scriptpastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

scriptpastebin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bb1 (United States)

ASN13335 (CLOUDFLARENET, US)

protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	300 KB
9	scriptpastebin.com scriptpastebin.com	1 MB
6	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744	131 KB
2	gstatic.com fonts.gstatic.com	168 KB
2	protagcdn.com protagcdn.com — Cisco Umbrella Rank: 142898 adx.protagcdn.com — Cisco Umbrella Rank: 306370	133 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	146 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 112	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	6 KB
1	w.org s.w.org — Cisco Umbrella Rank: 3961	580 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	89 KB
43	11

	Domain	Requested by
13	pagead2.googlesyndication.com	scriptpastebin.com pagead2.googlesyndication.com
9	scriptpastebin.com	scriptpastebin.com
6	fundingchoicesmessages.google.com	scriptpastebin.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	fonts.gstatic.com	scriptpastebin.com
2	securepubads.g.doubleclick.net	scriptpastebin.com
1	lh3.googleusercontent.com	scriptpastebin.com
1	fonts.googleapis.com
1	s.w.org	scriptpastebin.com
1	adx.protagcdn.com	protagcdn.com
1	protagcdn.com	scriptpastebin.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	scriptpastebin.com
43	13

This site contains no links.

Subject Issuer	Validity	Valid
scriptpastebin.com WE1	`2024-06-11` - `2024-07-11`	a month	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
protagcdn.com E6	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://scriptpastebin.com/19974/
Frame ID: 15CF2D71AC9E0186F42480F7E672AC2B
Requests: 38 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240626/r20110914/zrt_lookup_fy2021.html
Frame ID: 740A0B7ACA5AB52DF7C1BF2E4B097E07
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8684986675842996&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720014154&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fscriptpastebin.com%2F19974%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=27_9~29_18&aiixl=27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720014154690&bpp=5&bdt=253&idt=284&shv=r20240626&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2568077915705&frm=20&pv=2&ga_vid=985966572.1720014155&ga_sid=1720014155&ga_hid=203702789&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795921%2C95330279%2C95332584%2C95334509%2C95334526%2C95334570%2C95334828%2C95337070%2C31084927%2C95331953%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566303380595580&tmod=676205013&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=311
Frame ID: 6BCB41E0908B2D967AB56AB48E53D1A6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8684986675842996&output=html&h=280&slotname=8094437237&adk=817848039&adf=1270779588&pi=t.ma~as.8094437237&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1720014155&rafmt=1&format=1200x280&url=https%3A%2F%2Fscriptpastebin.com%2F19974%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720014154695&bpp=2&bdt=257&idt=313&shv=r20240626&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2568077915705&frm=20&pv=1&ga_vid=985966572.1720014155&ga_sid=1720014155&ga_hid=203702789&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795921%2C95330279%2C95332584%2C95334509%2C95334526%2C95334570%2C95334828%2C95337070%2C31084927%2C95331953%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566303380595580&tmod=676205013&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=321
Frame ID: E70B02188DDFB876237DA0C7E912AFCB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8684986675842996&output=html&h=280&slotname=6664971343&adk=82161384&adf=2298937098&pi=t.ma~as.6664971343&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1720014155&rafmt=1&format=1200x280&url=https%3A%2F%2Fscriptpastebin.com%2F19974%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720014154697&bpp=1&bdt=259&idt=333&shv=r20240626&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2568077915705&frm=20&pv=1&ga_vid=985966572.1720014155&ga_sid=1720014155&ga_hid=203702789&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795921%2C95330279%2C95332584%2C95334509%2C95334526%2C95334570%2C95334828%2C95337070%2C31084927%2C95331953%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566303380595580&tmod=676205013&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=337
Frame ID: A720DC9E13A01E2D7F918D1D721A5F4D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8684986675842996&output=html&h=90&slotname=2115352241&adk=3147630998&adf=4103626104&pi=t.ma~as.2115352241&w=728&abgtt=6&lmt=1720014155&format=728x90&url=https%3A%2F%2Fscriptpastebin.com%2F19974%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720014154698&bpp=1&bdt=260&idt=368&shv=r20240626&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=2568077915705&frm=20&pv=1&ga_vid=985966572.1720014155&ga_sid=1720014155&ga_hid=203702789&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1626&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795921%2C95330279%2C95332584%2C95334509%2C95334526%2C95334570%2C95334828%2C95337070%2C31084927%2C95331953%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566303380595580&tmod=676205013&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=371
Frame ID: B4F4D2ED56502702E84377086663BEC6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8684986675842996&output=html&h=280&slotname=7540775607&adk=621483404&adf=2907481791&pi=t.ma~as.7540775607&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1720014155&rafmt=1&format=1200x280&url=https%3A%2F%2Fscriptpastebin.com%2F19974%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720014154699&bpp=1&bdt=261&idt=387&shv=r20240626&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C728x90&nras=1&correlator=2568077915705&frm=20&pv=1&ga_vid=985966572.1720014155&ga_sid=1720014155&ga_hid=203702789&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795921%2C95330279%2C95332584%2C95334509%2C95334526%2C95334570%2C95334828%2C95337070%2C31084927%2C95331953%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566303380595580&tmod=676205013&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=390
Frame ID: E9DD977957812DA1A90B82EA591F1643
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC832BFB198A5E475357AD41D0A46A2A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BLOX FRUITS (BANANA) – ScriptPastebin

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

95 %
HTTPS

67 %
IPv6

11
Domains

13
Subdomains

16
IPs

3
Countries

2099 kB
Transfer

5379 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
scriptpastebin.com/19974/ 24 KB
8 KB 636ms
581ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scriptpastebin.com/19974/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

8f20073fa0bc1b6dc063002203a1ffcc7b76bcb231282e47d1d756a777ae50dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89d74cad9d38b942-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 Jul 2024 13:42:34 GMT
link: <https://scriptpastebin.com/wp-json/>; rel="https://api.w.org/" <https://scriptpastebin.com/wp-json/wp/v2/posts/19974>; rel="alternate"; type="application/json" <https://scriptpastebin.com/?p=19974>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
platform: hostinger
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mQCum0h7utVPB19DZO5lTqRZqm%2Bs%2BrsKNGYy63D6fnXSU2d4bQW2TWt28v7xRWpAz6%2Fw0MCE%2FTp62wv58YlUURl0Y6%2BfgeemWnuEGUjyAbh8unPU4nP%2FlSeKwt89o0xHhxWJ6n94bDCEHkg2%2F0%2F2aho%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-litespeed-cache: hit
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
53 KB 155ms
97ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8684986675842996

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/19974/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f77d66bcb95c126cf280502248629325f42fba6f990577435e1c55b78b65222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scriptpastebin.com/
Origin: https://scriptpastebin.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53348
x-xss-protection: 0
server: cafe
etag: 17721564906045705212
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 03 Jul 2024 13:42:34 GMT

GET
H2 200 10d23e7b98633e1810b1a0077ef5cfcd.css
scriptpastebin.com/wp-content/litespeed/css/ 672 KB
91 KB 36ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scriptpastebin.com/wp-content/litespeed/css/10d23e7b98633e1810b1a0077ef5cfcd.css?ver=a5040

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/19974/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03d5de6f85feffe3e4caf6b5f7618d4335f74afe8019b1330856c6263de3280e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/19974/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 220
cf-polished: origSize=688300
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 02 Jul 2024 03:49:47 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=auV9C6CX1sQY4skD4Twl743i2Bbe63lcKFC4n5ZU0v0FAbwSXRdJsBYkMmDa%2FKHsNRAziVQeiuExCJw9C5ofakMSXGa9s3lH0%2B1WUctGEtRezjp6O%2FGIa7Z66PVxbUD0nnkGxn4hUj%2F5RZNswg2aNb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 89d74cb14945b942-AMS
expires: Thu, 03 Jul 2025 19:38:53 GMT

GET
H2 200 jquery.min.js Show response
scriptpastebin.com/wp-includes/js/jquery/ 86 KB
31 KB 30ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scriptpastebin.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/19974/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/19974/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248637
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHr3YQYvN7K668qdSFqgBE3cKF87NPD8bFNqrt%2B%2FkB3iz02O4cKyL4Nbt%2BckqnHTJd09UC1UihD3AsXvaSTbeSGj2mlaLDYH8QRh4L%2FxQQsGomt9lCUV0TzbSMxUm5cL9RzKQIbK1JQ%2F%2BDA4wCk91Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 89d74cb14947b942-AMS
expires: Mon, 30 Jun 2025 22:38:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
89 KB 195ms
82ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2XRYJXDP7M

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/19974/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbe09e3096b132c97bf6f60684720ca1f0aba87d4c2a9e06b87dd870e7e05fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90293
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jul 2024 13:42:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
52 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8684986675842996&host=ca-host-pub-2644536267352236

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/19974/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41542e6e7be671fc442b638342ee370fc507aceee9ab19508db37712a3dbaf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scriptpastebin.com/
Origin: https://scriptpastebin.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53359
x-xss-protection: 0
server: cafe
etag: 8501228394810421116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 03 Jul 2024 13:42:34 GMT

GET
H3 200 f3e436000896b46f01d270058644517b.js Show response
scriptpastebin.com/wp-content/litespeed/js/ 896 KB
248 KB 56ms
56ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scriptpastebin.com/wp-content/litespeed/js/f3e436000896b46f01d270058644517b.js?ver=a5040

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/19974/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7d3d3eb1128dd36ecafdef84046ca36dc2ec76be9fa6ab18e60d01f157033d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/19974/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32037
cf-polished: origSize=917452
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 03 Jul 2024 00:04:52 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFX2Gi2CM8bw8lPMO2mZ%2BMdxq6d6umFY46yz%2B9WJuqKbjPwsCAhRH5QqTc9TFI%2BW57ftgnAcCRYeA61SJRQRmm6QNjxu8AhisqUsmF7Q1WzwGaxdD5Fj5IoYgp0afjFO3BCM%2FOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 89d74cb1ef249ff6-AMS
expires: Thu, 03 Jul 2025 10:48:36 GMT

GET
DATA 200
OK truncated Show response
/ 226 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4543afd0cd756a9d2dfc5cfee3f2a9d5d5b422db09d7b176274eb17478f08fe

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 171 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c715954c4a66b788a388e48db04b0f54108a3cfbf166d7d60360a88ca3b2e2f1

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
H3 200 Simple-Line-Icons.woff2
scriptpastebin.com/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/ 29 KB
30 KB 81ms
80ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scriptpastebin.com/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/wp-content/litespeed/css/10d23e7b98633e1810b1a0077ef5cfcd.css?ver=a5040

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scriptpastebin.com/wp-content/litespeed/css/10d23e7b98633e1810b1a0077ef5cfcd.css?ver=a5040
Origin: https://scriptpastebin.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248636
alt-svc: h3=":443"; ma=86400
content-length: 30064
x-xss-protection: 1; mode=block
last-modified: Sat, 25 May 2024 02:56:41 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNB35GDGgHoBeP3CD0gMYiKz9DrUYFsLH5zR6B9kRPmeyM4i1JKi2iZUZuBUn785ncKrAmBg689VkSCbX3H8131c6A9XuwtREtdMmMtthfpcNolkiOL4APDqgZpURYnsrXI35dY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 89d74cb23fc49ff6-AMS
expires: Mon, 30 Jun 2025 22:38:38 GMT

GET
H3 200 fa-solid-900.woff2
scriptpastebin.com/wp-content/themes/oceanwp/assets/fonts/fontawesome/webfonts/ 147 KB
147 KB 58ms
53ms Font
font/woff2 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scriptpastebin.com/wp-content/themes/oceanwp/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/wp-content/litespeed/css/10d23e7b98633e1810b1a0077ef5cfcd.css?ver=a5040

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scriptpastebin.com/wp-content/litespeed/css/10d23e7b98633e1810b1a0077ef5cfcd.css?ver=a5040
Origin: https://scriptpastebin.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248696
alt-svc: h3=":443"; ma=86400
content-length: 150020
x-xss-protection: 1; mode=block
last-modified: Sat, 25 May 2024 02:56:41 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oELhP0%2FFj7t7bVV0ZGbE%2FfTXJBS8lgOGJP8nSP1YIUlPjmpz22hl%2Bo4dPwTUxnfVBfZxx6QU7nNekAHrKIJvZOb0wWMtV%2Bz1J%2F6UvC1CpCBGQbNrdwq8jJXGdh7PqZ9FCE%2FzWz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 89d74cb268049ff6-AMS
expires: Mon, 30 Jun 2025 22:37:38 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/ 93 KB
32 KB 113ms
68ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/slotcar_library_fy2021.js?bust=31084927

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8684986675842996

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e0db74f93baedb488a983346d1ffc2149bcccba8f2c6bf22ebddcde571f41792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33225
x-xss-protection: 0
server: cafe
etag: 4731824427795132559
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:42:34 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/ 425 KB
144 KB 135ms
92ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8684986675842996&plah=scriptpastebin.com&aplac=true&bust=31084927

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8684986675842996

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

b1d75bdd5c269b22bf074249d15cce582f70017059aa07834c8a4d29ba4e75b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146910
x-xss-protection: 0
server: cafe
etag: 15608681752665119396
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jul 2024 13:42:34 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 64ms
21ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2XRYJXDP7M&gtm=45je4710v867701475za200&_p=1720014154817&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dZTNiMT&cid=985966572.1720014155&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720014154&sct=1&seg=0&dl=https%3A%2F%2Fscriptpastebin.com%2F19974%2F&dt=BLOX%20FRUITS%20(BANANA)%20%E2%80%93%20ScriptPastebin&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1037&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2XRYJXDP7M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 03 Jul 2024 13:42:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://scriptpastebin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406270101/ 466 KB
145 KB 77ms
21ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406270101/pubads_impl.js

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/wp-content/litespeed/js/f3e436000896b46f01d270058644517b.js?ver=a5040

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0c0b0a5f015dbecef921a387c2f0f5bf42b440a271c0418279aae7c9ab8ca799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 08:18:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19436
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148622
x-xss-protection: 0
server: cafe
etag: 8151157238384872658
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 03 Jul 2025 08:18:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 960 B
437 B 224ms
172ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=scriptpastebin.com

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/wp-content/litespeed/js/f3e436000896b46f01d270058644517b.js?ver=a5040

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b01737e458d47a64a7bf03a29f4b286f33f23ceaea365b99d07af556dec716fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-xss-protection: 0
expires: Wed, 03 Jul 2024 13:42:34 GMT

GET
H2 200 pub-8684986675842996 Show response
fundingchoicesmessages.google.com/b/ 10 KB
6 KB 181ms
38ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-8684986675842996

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/wp-content/litespeed/js/f3e436000896b46f01d270058644517b.js?ver=a5040

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3c8ff299f83271a89a06861b62cda4162229f0685f0bab449278882793f6ab2

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-s0QqOke4_84409PFucmxCQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:35 GMT
content-security-policy: script-src 'nonce-s0QqOke4_84409PFucmxCQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtHikmLw0ZBiUAjbyXTe6Q7TdSCW-PqSSQuIndJnsIYAsU_9DNY4IG69eY51OhB_fnyO9TcQJ_07z1oCxEsiLrIeSbzIevDxRdaTQCzEzXF61dQtbAI3fr9TV9JIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDcw1DMwjy8wAABwMjsa"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 1e224a4d-a95b-40b5-a7a3-93d68ea8d473
https://scriptpastebin.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://scriptpastebin.com/1e224a4d-a95b-40b5-a7a3-93d68ea8d473
Requested by: Host: scriptpastebin.com
URL: https://scriptpastebin.com/19974/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 ca-pub-8684986675842996 Show response
fundingchoicesmessages.google.com/i/ 199 KB
65 KB 143ms
58ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8684986675842996?href=https%3A%2F%2Fscriptpastebin.com%2F19974&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8684986675842996&plah=scriptpastebin.com&aplac=true&bust=31084927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b933782d1e2f9acb06882d025904e7f165e79b64de40416cf49fe3976bbe8a4c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-IMv4KvBc-QIW-QRXOC2T4w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-IMv4KvBc-QIW-QRXOC2T4w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmJw05BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLmOL1q6hY2gRWXnhkoaSTlF8Yn5-eVFGUmlZbkF6Ulp6UWpxaVpRbFGxkYmRiYGxjqGZjHFxgAALwOOYc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240626/r20110914/ Frame 740A 0
0 77ms
24ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240626/r20110914/zrt_lookup_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age: 29383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jul 2024 05:32:52 GMT
etag: 9187630395144177108
expires: Wed, 17 Jul 2024 05:32:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 6BCB 0
0 357ms
308ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8684986675842996&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1720014154&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fscriptpastebin.com%2F19974%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=27_9~29_18&aiixl=27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720014154690&bpp=5&bdt=253&idt=284&shv=r20240626&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2568077915705&frm=20&pv=2&ga_vid=985966572.1720014155&ga_sid=1720014155&ga_hid=203702789&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795921%2C95330279%2C95332584%2C95334509%2C95334526%2C95334570%2C95334828%2C95337070%2C31084927%2C95331953%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566303380595580&tmod=676205013&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=311

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 7720
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jul 2024 13:42:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame E70B 0
0 407ms
360ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8684986675842996&output=html&h=280&slotname=8094437237&adk=817848039&adf=1270779588&pi=t.ma~as.8094437237&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1720014155&rafmt=1&format=1200x280&url=https%3A%2F%2Fscriptpastebin.com%2F19974%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720014154695&bpp=2&bdt=257&idt=313&shv=r20240626&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2568077915705&frm=20&pv=1&ga_vid=985966572.1720014155&ga_sid=1720014155&ga_hid=203702789&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795921%2C95330279%2C95332584%2C95334509%2C95334526%2C95334570%2C95334828%2C95337070%2C31084927%2C95331953%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566303380595580&tmod=676205013&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=321

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jul 2024 13:42:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 site.js Show response
protagcdn.com/s/scriptpastebin.com/ 467 KB
132 KB 109ms
54ms Script
application/javascript 2606:4700:20::ac43:4bb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/s/scriptpastebin.com/site.js
Requested by: Host: scriptpastebin.com
URL: https://scriptpastebin.com/wp-content/litespeed/js/f3e436000896b46f01d270058644517b.js?ver=a5040
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bb1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64511a5310c971f7973a481a10cab4d0bc9e77d171c1f0e1e60458e1a2db4eac

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 958
cf-polished: origSize=478517
alt-svc: h3=":443"; ma=86400
pragma: no-cache
cf-bgj: minify
last-modified: Tue, 12 Dec 2023 15:18:10 GMT
server: cloudflare
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AS6iVupfr0CJqQl1VUTkXeag3fc2jIfwIRT5biQKq3p8S43Ulh49krEfNJsAPTiCtlbc3JbyOLBUzWvrUunvcgiAKGn8bIPBzTp7XYfJfcVK9r%2BvtN0X3Mi8FZpJzHHyWOOfbIRiMfr9Zm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 89d74cb55c71b92c-AMS
expires: Wed, 03 Jul 2024 14:12:35 GMT

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame A720 0
0 661ms
617ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8684986675842996&output=html&h=280&slotname=6664971343&adk=82161384&adf=2298937098&pi=t.ma~as.6664971343&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1720014155&rafmt=1&format=1200x280&url=https%3A%2F%2Fscriptpastebin.com%2F19974%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720014154697&bpp=1&bdt=259&idt=333&shv=r20240626&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=2568077915705&frm=20&pv=1&ga_vid=985966572.1720014155&ga_sid=1720014155&ga_hid=203702789&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1202&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795921%2C95330279%2C95332584%2C95334509%2C95334526%2C95334570%2C95334828%2C95337070%2C31084927%2C95331953%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566303380595580&tmod=676205013&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=337

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 307
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jul 2024 13:42:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame B4F4 0
0 298ms
270ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8684986675842996&output=html&h=90&slotname=2115352241&adk=3147630998&adf=4103626104&pi=t.ma~as.2115352241&w=728&abgtt=6&lmt=1720014155&format=728x90&url=https%3A%2F%2Fscriptpastebin.com%2F19974%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720014154698&bpp=1&bdt=260&idt=368&shv=r20240626&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=1&correlator=2568077915705&frm=20&pv=1&ga_vid=985966572.1720014155&ga_sid=1720014155&ga_hid=203702789&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1626&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795921%2C95330279%2C95332584%2C95334509%2C95334526%2C95334570%2C95334828%2C95337070%2C31084927%2C95331953%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566303380595580&tmod=676205013&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=371

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 309
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jul 2024 13:42:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 203ms
203ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8684986675842996
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://scriptpastebin.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame E9DD 0
0 328ms
319ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8684986675842996&output=html&h=280&slotname=7540775607&adk=621483404&adf=2907481791&pi=t.ma~as.7540775607&w=1200&abgtt=6&fwrn=4&fwrnh=100&lmt=1720014155&rafmt=1&format=1200x280&url=https%3A%2F%2Fscriptpastebin.com%2F19974%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1720014154699&bpp=1&bdt=261&idt=387&shv=r20240626&mjsv=m202406270101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0%2C1200x280%2C1200x280%2C728x90&nras=1&correlator=2568077915705&frm=20&pv=1&ga_vid=985966572.1720014155&ga_sid=1720014155&ga_hid=203702789&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1968&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44795921%2C95330279%2C95332584%2C95334509%2C95334526%2C95334570%2C95334828%2C95337070%2C31084927%2C95331953%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3566303380595580&tmod=676205013&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&nt=1&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=390

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jul 2024 13:42:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 AGSKWxWb9fjVfIew2_1VwxZkF1ABHHwhwoicngRWWe46cMSArvIKzTchQ4v7TxGtIsjSHMj7UPP7g17ef8z8Pf1oWZPfnA== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 87ms
41ms XHR
text/html 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWb9fjVfIew2_1VwxZkF1ABHHwhwoicngRWWe46cMSArvIKzTchQ4v7TxGtIsjSHMj7UPP7g17ef8z8Pf1oWZPfnA==

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/wp-content/litespeed/js/f3e436000896b46f01d270058644517b.js?ver=a5040

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-wRyQEmutOvmd1YuiYbvnXQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:35 GMT
content-security-policy: script-src 'nonce-wRyQEmutOvmd1YuiYbvnXQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzXF61dQtbAIXvk-rUHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBuYGhnoG5vEFBgA9gyu6"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://scriptpastebin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUYIR_mH7f00YRItd88_6zMlTufhELDNUc46e748RZpJDPxSoq9iHLzeykoOUPAAskNavltGP5UzsZqR8Y5L-07IVqYp1wXbZeHqSV17TFCV8yH6UGHtbeH5sR_0oMCMmSGcrwBUg== Show response
fundingchoicesmessages.google.com/f/ 380 KB
60 KB 221ms
220ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUYIR_mH7f00YRItd88_6zMlTufhELDNUc46e748RZpJDPxSoq9iHLzeykoOUPAAskNavltGP5UzsZqR8Y5L-07IVqYp1wXbZeHqSV17TFCV8yH6UGHtbeH5sR_0oMCMmSGcrwBUg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwMDE0MTU1LDI0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zY3JpcHRwYXN0ZWJpbi5jb20vMTk5NzQvIixudWxsLFtbOCwiS3B3VzhCVDV4Q0kiXSxbOSwibmwiXSxbMjIsImZhbHNlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMzkRDrx9DivQFD2pt9EyUueCXbu_w/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d793f13851f02fcecdcd2d82182a711cbb84c9fea5cebfded98760b63c939b40

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-5bOUR9ayQ2QYCfP02LHoMA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:35 GMT
content-security-policy: script-src 'nonce-5bOUR9ayQ2QYCfP02LHoMA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw1ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLhOL1q6hY2gRuHj1xhVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDcw1DMwjy8wAAAHojoz"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wp-emoji-release.min.js Show response
scriptpastebin.com/wp-includes/js/ 18 KB
5 KB 32ms
31ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scriptpastebin.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/wp-content/litespeed/js/f3e436000896b46f01d270058644517b.js?ver=a5040

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/19974/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248434
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Feb 2024 14:36:07 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EE5KPkUbYzS1Deiv6VYFoXej%2ByhUc5t2%2FyTcCZyKViOQ7c1jhQAXgsC5FPvruoU%2FY6Ejctwu2j4GizUg79RSzvANlqqhPO93256Yxb97B7wHoUuFT7%2Btum6Wklxr98evVhkYvqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 89d74cb65dda9ff6-AMS
expires: Mon, 30 Jun 2025 22:42:01 GMT

GET
H2 200 ads.js Show response
adx.protagcdn.com/ads/advertisement/ 200 B
627 B 56ms
42ms Script
application/javascript 2606:4700:20::ac43:4bb1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.protagcdn.com/ads/advertisement/ads.js

Requested by

Host: protagcdn.com
URL: https://protagcdn.com/s/scriptpastebin.com/site.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4bb1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4307a4a83648898a0381fa21222a3670428146cb065186d0ff72449bdafa8140

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-balancer-id: 1
date: Wed, 03 Jul 2024 13:42:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2743
cf-polished: origSize=248
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 09 May 2023 13:32:59 GMT
server: cloudflare
etag: W/"f8-5fb42cb349414"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSF%2FXLe%2B5cbrrwpH4AuqdpU63Di7lgm42jmgWyJ4GTgt6rIHktvpIjTi8KO%2BOg29SAzeoYIIE9MzGinJqjyGcIacI5tkjdsYIEUaGv0oJRVjUUZIiUiluLCtuOZwD3G7jht1dvIKXkAfRzib6EDL"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=691200
cf-ray: 89d74cb6ae2eb92c-AMS
expires: Thu, 11 Jul 2024 12:56:52 GMT

GET
H2 200 1f47e.svg
s.w.org/images/core/emoji/15.0.3/svg/ 269 B
580 B 77ms
17ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/15.0.3/svg/1f47e.svg

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/19974/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

b79279a24d62e351b54ac16c2318fb317c75797dc4c896faa04c760b69571f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-nc: HIT ams 2
date: Wed, 03 Jul 2024 13:42:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 30 Jan 2024 01:18:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 269
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 111 KB
6 KB 196ms
68ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.KpwW8BT5xCI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzbnRVbm1KC1Mu52YV9jtFiJqHFeQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ea0fc746446b9007b6658968367337aa1b073f6c5ac26f4ef7a746dbe9b6070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jul 2024 13:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 03 Jul 2024 13:42:35 GMT

GET
H2 200 rOhLlCdqz9pGS-kwJqs7cme93mYajmvrYx4en-0R6oCdHvCCoE39dvqpGmQI3CONbkmo-AsFsXFvhTiQbTJrDB9pyz6PnMyCv7gqeYP5A823_iI7i5b_=h60
lh3.googleusercontent.com/ 1 KB
1 KB 172ms
51ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/rOhLlCdqz9pGS-kwJqs7cme93mYajmvrYx4en-0R6oCdHvCCoE39dvqpGmQI3CONbkmo-AsFsXFvhTiQbTJrDB9pyz6PnMyCv7gqeYP5A823_iI7i5b_=h60

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/19974/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c8e345c532437afda157a932afeab011609a53b6eaf254b44b29db1dc5110543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:40:48 GMT
x-content-type-options: nosniff
age: 107
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1202
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 04 Jul 2024 13:40:48 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v40/ 42 KB
43 KB 153ms
51ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/19974/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scriptpastebin.com/
Origin: https://scriptpastebin.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 02 Jul 2024 15:07:59 GMT
x-content-type-options: nosniff
age: 81276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43068
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:05:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 15:07:59 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 208ms
207ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8684986675842996&plah=scriptpastebin.com&aplac=true&bust=31084927
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://scriptpastebin.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v142/ 126 KB
126 KB 169ms
107ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Requested by

Host: scriptpastebin.com
URL: https://scriptpastebin.com/19974/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scriptpastebin.com/
Origin: https://scriptpastebin.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 27 Jun 2024 22:38:01 GMT
x-content-type-options: nosniff
age: 486274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128616
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 22:38:01 GMT

POST
H3 204 AGSKWxUTfcZALFIn1DqltJWz-xaSMbmMGZLYDLandbEOaBPihU7C6iDjFEmWJwmQ6AZIr6mK5wUCQVEA4UDc2GhyFtJ9MaiMESJfvI1GLo8tpKbd8lKb01DuxI-Y1ueONvvcsOO2wNUecQ== Show response
fundingchoicesmessages.google.com/el/ 0
27 B 40ms
39ms XHR
text/html 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUTfcZALFIn1DqltJWz-xaSMbmMGZLYDLandbEOaBPihU7C6iDjFEmWJwmQ6AZIr6mK5wUCQVEA4UDc2GhyFtJ9MaiMESJfvI1GLo8tpKbd8lKb01DuxI-Y1ueONvvcsOO2wNUecQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-8Ncx2M6Y2NId0KiHuZwccQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://scriptpastebin.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 03 Jul 2024 13:42:35 GMT
content-security-policy: script-src 'nonce-8Ncx2M6Y2NId0KiHuZwccQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUD8-fE51t9AvCTiIuuRxIusQjwcp1dN3cIm8OD66ytMSi5J-YXxyfl5Jal5JbqJKcW6IHZRZlJpSX4RCju1DKQiJz89PTMvPd7IwMjEwNzAUM_APL7AAAB43ixR"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://scriptpastebin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUTfcZALFIn1DqltJWz-xaSMbmMGZLYDLandbEOaBPihU7C6iDjFEmWJwmQ6AZIr6mK5wUCQVEA4UDc2GhyFtJ9MaiMESJfvI1GLo8tpKbd8lKb01DuxI-Y1ueONvvcsOO2wNUecQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-CqmWdC0eumt0wypjm2MSGA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://scriptpastebin.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

date: Wed, 03 Jul 2024 13:42:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-CqmWdC0eumt0wypjm2MSGA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3F61dQtbAI7Gg5eY1JyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmBoZ6BubxBQYATrYruA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://scriptpastebin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 99ms
99ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240626&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e996dafbe5bda0f6cf05b69b50c2a9fe87c7e4757ae55825f2c05697ca693860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12555
x-xss-protection: 0

GET
H3 200 cropped-Logo-3-1-32x32.png
scriptpastebin.com/wp-content/uploads/2022/03/ 585 B
1 KB 26ms
25ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scriptpastebin.com/wp-content/uploads/2022/03/cropped-Logo-3-1-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60454b508dd644bd714807545b3bf8ec6e08727baeb25904d621c56f90f41af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/19974/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 248417
alt-svc: h3=":443"; ma=86400
content-length: 585
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Apr 2024 19:28:42 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gkCce0fdd2SuFcAehm1qebikQBn7AhjnPOQXWsV2yIGaRSqdYCN3l4gasbEMc0qnxrKFCAFOIs8zj2Cr4YHYYx9Mb%2BLuK5qkYhbh2viSYkUlvXVk0FsHNtx35d4NC87908tecNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 89d74cbaecc69ff6-AMS
expires: Mon, 30 Jun 2025 22:42:18 GMT

GET
H3 200 vwvuewiw-1.png
scriptpastebin.com/wp-content/uploads/2024/04/ 562 KB
563 KB 943ms
942ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scriptpastebin.com/wp-content/uploads/2024/04/vwvuewiw-1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

168c276f26cfe0856e6ddec34508fcb56773d37b638f8fcfcc27bb48b5e63dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/19974/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 575702
x-xss-protection: 1; mode=block
last-modified: Fri, 26 Apr 2024 04:05:50 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C6vfmititzjtdIro2PT9KcQYjX8Wvhuvmhe5ajNez9xu20t0iLs4FvGFaBvkubnSf9jbgDL6UsVzxe570xOKze%2BEtU62e9%2FXxWhMrW4Z89LTRw%2BAb3uPZiR%2F46URJtgWxYuwBK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
cf-ray: 89d74cbafcdb9ff6-AMS
expires: Thu, 03 Jul 2025 19:42:36 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 162ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 03 Jul 2024 13:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Jul 2024 13:42:36 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC83 0
0 73ms
23ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://scriptpastebin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges: bytes
age: 56013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jul 2024 22:09:03 GMT
expires: Wed, 02 Jul 2025 22:09:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240626&jk=3566303380595580&bg=!CQqlCkXNAAaO6Fnqrug7ADQBe5WfOKzLFg9usNXbgXkiStVHn-txdI9WfmN6Cs4Maq2KvS8ftf_OROEXc5oXY3S27TWnAgAAALxSAAAAC2gBB34ANDFKnCjA1ooLAn1R15SRoAzFXgFMdy8x_nieCF2SxREDHktols4Et_HGy9Filks5r4AXTSMKADmW0D88a-wgYwtSX_N4x5HXZPwc0sMLeBywmC-5X2fVHwG1lvwTPUBrUexGb_N3Ycp0Uq3E8j8wDe2ZApWQNHPN4b3AIc3QWMXB7oKifUPvLe8FvWTD2T99y6P2NxyY5q8i9DVGTyOhE3tgS6zYltuEEQjV9atitqS1j4law9oOkDVYvMQ4EL9dJF0EcRbJSpSXICwnJCF5nkwfLDlTRQqJ0ONO2Cp9zts7bhJI5l8e2pdR_nAdVeRNeO3Kx-kzj2cOiQIAMVmfgzQrmLNWxeNAmcbsvEpmJ4GAAncq12m4ilq1yLz7t2AdtxOURwUWQ4jDQFnsHSVvNWdy0kng2nkeOHUPWM3F8GUbVaBUJFThx2POueaY2udNSQumYK17PQSJ4UBvB9uw1NY4ZuEbu_A6kfk3dsvknb0TE5-QS6elq8TulWWn7pl-TI0QWUGCtvjmM2aAgZwCk_srDcPQbjnUdD7IAhSeHip6SBQXA2R458VdUdWfbHd6Ba6su2pKeNx7P9jtxw1U4KAYULgQUZYZilX2cGlC4mRY9Hg20hErebaUTMzccnkbjQ6BGwaGL4VwqEIawOvOnDoq7TFloU-saH_90eSVHbY46okOC-OrK0X3rrOS2wFBPew7XF-tuXyVtN2paHyymlbNG4SdW16lQMjH2LeIiYLM5o35lNIdJD-quCVhY-dyaAUn2SN2vYIbZfd4ruULsJanrMuTXI2jXVnC3kO3gJXTN6HIY2OW7XbEb1s41JOoJ-0B6V9XyUNKPl_QDfNFcIRG2eJuMW0hf1IklQl6K4kqVEGq6FylrZzQez8K6OtJbi6WRKtCl98QRLRLkCdJ2md-EkI50CzN8ixsincoeos4YL1cm1SD3aLxhdr2LoKhT72L7mHr4lE5eqltDjdmB2UvomPHspaHFO7fR2fhQhNAbfUBbBQCY1B8j5vpzOaCTuqYWmizvKke

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scriptpastebin.com/	1970-01-21 07:22:54	Name: _ga_2XRYJXDP7M Value: GS1.1.1720014154.1.0.1720014154.0.0.0
.scriptpastebin.com/	1970-01-21 07:22:54	Name: _ga Value: GA1.1.985966572.1720014155
.scriptpastebin.com/	1970-01-21 02:06:06	Name: __eoi Value: ID=9b2a1a8deb465686:T=1720014155:RT=1720014155:S=AA-AfjaQrTaNe0PY65E8-OBttq9P

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://scriptpastebin.com/wp-content/litespeed/js/f3e436000896b46f01d270058644517b.js?ver=a5040 Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adx.protagcdn.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
protagcdn.com
region1.google-analytics.com
s.w.org
scriptpastebin.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.185.130
142.250.185.142
142.250.185.66
188.114.97.3
192.0.77.48
2001:4860:4802:32::36
2606:4700:20::ac43:4bb1
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2003
2a06:98c1:3120::3
03d5de6f85feffe3e4caf6b5f7618d4335f74afe8019b1330856c6263de3280e
0c0b0a5f015dbecef921a387c2f0f5bf42b440a271c0418279aae7c9ab8ca799
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
168c276f26cfe0856e6ddec34508fcb56773d37b638f8fcfcc27bb48b5e63dae
3f77d66bcb95c126cf280502248629325f42fba6f990577435e1c55b78b65222
4307a4a83648898a0381fa21222a3670428146cb065186d0ff72449bdafa8140
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4ea0fc746446b9007b6658968367337aa1b073f6c5ac26f4ef7a746dbe9b6070
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
60454b508dd644bd714807545b3bf8ec6e08727baeb25904d621c56f90f41af3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64511a5310c971f7973a481a10cab4d0bc9e77d171c1f0e1e60458e1a2db4eac
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
8f20073fa0bc1b6dc063002203a1ffcc7b76bcb231282e47d1d756a777ae50dd
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
b01737e458d47a64a7bf03a29f4b286f33f23ceaea365b99d07af556dec716fe
b1d75bdd5c269b22bf074249d15cce582f70017059aa07834c8a4d29ba4e75b3
b3c8ff299f83271a89a06861b62cda4162229f0685f0bab449278882793f6ab2
b79279a24d62e351b54ac16c2318fb317c75797dc4c896faa04c760b69571f11
b933782d1e2f9acb06882d025904e7f165e79b64de40416cf49fe3976bbe8a4c
c715954c4a66b788a388e48db04b0f54108a3cfbf166d7d60360a88ca3b2e2f1
c8e345c532437afda157a932afeab011609a53b6eaf254b44b29db1dc5110543
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d793f13851f02fcecdcd2d82182a711cbb84c9fea5cebfded98760b63c939b40
d7d3d3eb1128dd36ecafdef84046ca36dc2ec76be9fa6ab18e60d01f157033d1
dbe09e3096b132c97bf6f60684720ca1f0aba87d4c2a9e06b87dd870e7e05fe5
e0db74f93baedb488a983346d1ffc2149bcccba8f2c6bf22ebddcde571f41792
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41542e6e7be671fc442b638342ee370fc507aceee9ab19508db37712a3dbaf8
e4543afd0cd756a9d2dfc5cfee3f2a9d5d5b422db09d7b176274eb17478f08fe
e996dafbe5bda0f6cf05b69b50c2a9fe87c7e4757ae55825f2c05697ca693860

scriptpastebin.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

95 %HTTPS

67 %IPv6

11 Domains

13 Subdomains

16 IPs

3 Countries

2099 kBTransfer

5379 kBSize

3 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

scriptpastebin.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

95 %
HTTPS

67 %
IPv6

11
Domains

13
Subdomains

16
IPs

3
Countries

2099 kB
Transfer

5379 kB
Size

3
Cookies

43 HTTP transactions
2 data transactions