paste.co.id Open in urlscan Pro
2606:4700:3034::681f:4ec2 Public Scan

URL:
https://paste.co.id/2FapNfakHM
Submission: On July 03 via api (July 3rd 2020, 11:58:13 pm UTC) from US

Summary HTTP 70 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 20 IPs in 9 countries across 27 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3034::681f:4ec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is paste.co.id.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 8th 2020. Valid for: 7 months.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3034::681f:4ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
16	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.190.91.111 35.190.91.111	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::681c:1415	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.23.134 172.217.23.134	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
1 1	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.109.78.125 104.109.78.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.105.245.5 23.105.245.5	7979 (SERVERS-COM) (SERVERS-COM)
5 5	52.57.243.126 52.57.243.126	16509 (AMAZON-02) (AMAZON-02)
1 1	88.99.98.226 88.99.98.226	24940 (HETZNER-AS) (HETZNER-AS)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	138.201.34.178 138.201.34.178	24940 (HETZNER-AS) (HETZNER-AS)
1 1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
2 2	63.32.144.14 63.32.144.14	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
70	20

15 2606:4700:3034::681f:4ec2 (United States)

ASN13335 (CLOUDFLARENET, US)

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.111 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 111.91.190.35.bc.googleusercontent.com

lovelydrum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::681c:1415 (United States)

ASN13335 (CLOUDFLARENET, US)

img.shields.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.212.16 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.57.243.126 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-243-126.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.98.226 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.226.98.99.88.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.34.178 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.32.144.14 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com s-img.mgid.com	81 KB
15	paste.co.id paste.co.id	443 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	1 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	134 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
4	gstatic.com fonts.gstatic.com	42 KB
4	cloudflare.com cdnjs.cloudflare.com	52 KB
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	828 B
2	betweendigital.com 2 redirects ads.betweendigital.com	934 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	google.com 1 redirects adservice.google.com www.google.com	340 B
2	google.de adservice.google.de www.google.de	274 B
2	lovelydrum.com lovelydrum.com	29 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	pubmatic.com simage2.pubmatic.com	997 B
1	loopme.me 1 redirects csync.loopme.me	190 B
1	idealmedia.io cm.idealmedia.io	558 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	229 B
1	lentainform.com cm.lentainform.com	328 B
1	googletagservices.com www.googletagservices.com	27 KB
1	shields.io img.shields.io
1	googletagmanager.com www.googletagmanager.com	33 KB
0	mixmarket.biz Failed udata.mixmarket.biz Failed
70	27

	Domain	Requested by
15	paste.co.id	paste.co.id
9	cm.mgid.com	jsc.mgid.com paste.co.id
5	x.bidswitch.net	5 redirects
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	s-img.mgid.com	paste.co.id
4	fonts.gstatic.com	pagead2.googlesyndication.com jsc.mgid.com
4	pagead2.googlesyndication.com	paste.co.id pagead2.googlesyndication.com
4	cdnjs.cloudflare.com	paste.co.id
3	tpc.googlesyndication.com	lovelydrum.com pagead2.googlesyndication.com tpc.googlesyndication.com
2	match.adsrvr.org	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	fonts.googleapis.com	jsc.mgid.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	lovelydrum.com	paste.co.id lovelydrum.com
2	maxcdn.bootstrapcdn.com	paste.co.id
1	simage2.pubmatic.com	paste.co.id
1	cm.g.doubleclick.net	1 redirects
1	csync.loopme.me	1 redirects
1	cm.idealmedia.io	paste.co.id
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	bidswitch-eu.splicky.com	1 redirects
1	cm.lentainform.com	paste.co.id
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.mgid.com	paste.co.id
1	ad.doubleclick.net	lovelydrum.com
1	www.google.de	paste.co.id
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	servicer.mgid.com	jsc.mgid.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	img.shields.io	paste.co.id
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	jsc.mgid.com	paste.co.id
1	www.googletagmanager.com	paste.co.id
0	udata.mixmarket.biz Failed	paste.co.id
70	39

This site contains links to these domains. Also see Links.

Domain
cookie-consent.app.forthe.top
online.fliphtml5.com
www.flexiquiz.com
teespring.com
www.hackerrank.com
www.mifare.net
triberr.com
uijar.com
www.spreaker.com
clyp.it
www.teamapp.com
widgets.mgid.com
www.mgid.com
www.facebook.com
instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-08` - `2020-10-09`	7 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
lovelydrum.com Let's Encrypt Authority X3	`2020-05-08` - `2020-08-06`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh

This page contains 11 frames:

Primary Page: https://paste.co.id/2FapNfakHM
Frame ID: CFD77D8AE5ADB2AF3001732EF2A53FB3
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200624/r20190131/zrt_lookup.html
Frame ID: 72487CC9ADF502951DE866AB93FB6A68
Requests: 1 HTTP requests in this frame

Frame: https://img.shields.io/badge/Build-Passing-%2361ba65.svg?label=Build&color=61ba65&logo=&style=flat&cacheSeconds=3600
Frame ID: 63CF7E975864692ED13BBEB1EAF52FB3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1593820666&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1593820665642&bpp=18&bdt=228&idt=729&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6207894430119&frm=20&pv=2&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=154226796787&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=778
Frame ID: 51E5363D8C1C3CC6FAB7FA59235BC6D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=2347387144&w=840&fwrn=4&fwrnh=100&lmt=1593820666&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593820665664&bpp=5&bdt=250&idt=820&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6207894430119&frm=20&pv=1&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=9412999784691&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0Sme4GKAK4&p=https%3A//paste.co.id&dtd=826
Frame ID: 0C200805669DA05938EE482ADD56AD7B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=3360776472&w=840&fwrn=4&fwrnh=100&lmt=1593820666&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593820665669&bpp=1&bdt=256&idt=863&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280&nras=1&correlator=6207894430119&frm=20&pv=1&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=9412999784691&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=2452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BMXjGok5Ap&p=https%3A//paste.co.id&dtd=866
Frame ID: 6920650659C2EB5DE8289757E3018F3F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=600&slotname=3374289680&adk=1935312948&adf=64888922&w=255&fwrn=4&fwrnh=100&lmt=1593820666&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=255x600&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1593820665671&bpp=1&bdt=257&idt=869&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280%2C840x280&nras=1&correlator=6207894430119&frm=20&pv=1&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=9412999784691&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=924&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QJB7AA7KXj&p=https%3A//paste.co.id&dtd=871
Frame ID: D1ABCB153855970E10087F7E8FF47307
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1593820666596488408433
Frame ID: C15F13064338C6B0CCCF6649E78148A3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 3D1BE0E3F6D2B2DE63D8A65FC9D1CBEC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 25B779A41C593842821D838F99086801
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: FFB516F96A2CE5F5A9B442AC882122FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

70
Requests

99 %
HTTPS

47 %
IPv6

27
Domains

39
Subdomains

20
IPs

9
Countries

945 kB
Transfer

2496 kB
Size

11
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://cookie-consent.app.forthe.top/why-websites-use-cookies/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://online.fliphtml5.com/bqqbf/kkin/
Title: https://online.fliphtml5.com/bqqbf/kkin/

Search URL Search Domain Scan URL

URL: https://online.fliphtml5.com/bqqbf/txzj/
Title: https://online.fliphtml5.com/bqqbf/txzj/

Search URL Search Domain Scan URL

URL: https://online.fliphtml5.com/bqqbf/dplr/
Title: https://online.fliphtml5.com/bqqbf/dplr/

Search URL Search Domain Scan URL

URL: https://www.flexiquiz.com/SC/N/e4d1158a-63a8-4d8b-ab14-94ac511faf66
Title: https://www.flexiquiz.com/SC/N/e4d1158a-63a8-4d8b-ab14-94ac511faf66

Search URL Search Domain Scan URL

URL: https://www.flexiquiz.com/SC/N/b936f0ad-4337-4fe2-b113-206d073fa72e
Title: https://www.flexiquiz.com/SC/N/b936f0ad-4337-4fe2-b113-206d073fa72e

Search URL Search Domain Scan URL

URL: https://teespring.com/dls-2020-hack-dream-league-s
Title: https://teespring.com/dls-2020-hack-dream-league-s

Search URL Search Domain Scan URL

URL: https://teespring.com/dls-2020-unlimted-coins-hack
Title: https://teespring.com/dls-2020-unlimted-coins-hack

Search URL Search Domain Scan URL

URL: https://teespring.com/dls-2020-mod-apk-dream-leagu
Title: https://teespring.com/dls-2020-mod-apk-dream-leagu

Search URL Search Domain Scan URL

URL: https://www.hackerrank.com/dream-league-soccer-hack-2020-dls-2020-hack-unlimited-coins
Title: https://www.hackerrank.com/dream-league-soccer-hack-2020-dls-2020-hack-unlimited-coins

Search URL Search Domain Scan URL

URL: https://www.mifare.net/support/forum/users/dls2020hack/
Title: https://www.mifare.net/support/forum/users/dls2020hack/

Search URL Search Domain Scan URL

URL: https://triberr.com/dls-2020-hack
Title: https://triberr.com/dls-2020-hack

Search URL Search Domain Scan URL

URL: https://uijar.com/dls-2020-hack
Title: https://uijar.com/dls-2020-hack

Search URL Search Domain Scan URL

URL: https://www.spreaker.com/user/dls-2020-hack
Title: https://www.spreaker.com/user/dls-2020-hack

Search URL Search Domain Scan URL

URL: https://clyp.it/user/spg52050
Title: https://clyp.it/user/spg52050

Search URL Search Domain Scan URL

URL: https://www.teamapp.com/clubs/520914
Title: https://www.teamapp.com/clubs/520914

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=914924

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6232179/i/126987/0/pp/1/1?h=vqhVMVig0vxvBhLV1uAeGyJaFNgi_jn3YxcN0HwLW9ScSUz1VtppPZ5Bg2IfPt4B&rid=fe249c8e-bd88-11ea-8dd6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6214235/i/126987/0/pp/2/1?h=0GGEEYO-hC7cF30_Jb0ag31Eoa5LP4YqKX-hNYy5d_h989viGcH5yXCynj3-2VPB&rid=fe249c8e-bd88-11ea-8dd6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4684472/i/126987/0/pp/3/1?h=ta2h0AE0uirvn3U6IKg6tLFoHYnHfqU_iauvTjrRWAIQbsYE2d5XQja9xhF7-Kzo&rid=fe249c8e-bd88-11ea-8dd6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6167935/i/126987/0/pp/4/1?h=yxHeOoHIKuOIBpVlaK_0_2E_Gz2nLN22zQczN1f2op3adWEavXqN3fLN1l2TKKPZ&rid=fe249c8e-bd88-11ea-8dd6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.facebook.com/detroit.co.id
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/detroit.co.id
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1447860343&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&ul=en-us&de=UTF-8&dt=Untitled%20-%20Pasted.id%20-%20%231%20paste%20tool%20indonesia!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUAB~&jid=149618531&gjid=568774602&cid=1479136358.1593820666&tid=UA-137362802-1&_gid=1227936705.1593820667&_r=1&gtm=2ou6o0&z=1278210054 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137362802-1&cid=1479136358.1593820666&jid=149618531&_gid=1227936705.1593820667&gjid=568774602&_v=j83&z=1278210054 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1479136358.1593820666&jid=149618531&_v=j83&z=1278210054 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1479136358.1593820666&jid=149618531&_v=j83&z=1278210054&slf_rd=1&random=2904922931

Request Chain 57

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 302
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 59

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=7329f681-b2d2-4a62-85a0-01d4363edcb3 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=7329f681-b2d2-4a62-85a0-01d4363edcb3 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=4c5854a4-fe11-4ed8-9e91-12f027fad007

Request Chain 60

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://cm.mgid.com/m?cdsp=501036&c=0b24bc90-def4-52ba-858a-cb25db750edf

Request Chain 61

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=cfb4b996-f246-43e1-a66c-e5a9a5164206

Request Chain 62

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=P6K86C7AYYKXgE0NZugE&pi=mgid&tc=1

Request Chain 64

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
https://cm.mgid.com/m?cdsp=433143&c=fe121f4d-a92c-400a-853d-ce3aa861ef79

Request Chain 65

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azYzS0VuUEhBb1Zn&muidn=k63KEnPHAoVg HTTP 302
https://cm.mgid.com/google?muidn=k63KEnPHAoVg&google_ula={guid},5&google_gid=CAESENjMibaIfnv_nF20ZnPTNOs&google_cver=1

Request Chain 66

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=7a34f808-85e0-4b85-93e5-0314e13b80b6&ttl=1596412666

Request Chain 67

https://x.bidswitch.net/sync?dsp_id=303&user_id=k63KEnPHAoVg HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k63KEnPHAoVg HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c5854a4-fe11-4ed8-9e91-12f027fad007

70 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 2FapNfakHM Show response
paste.co.id/ 23 KB
6 KB 2914ms
2886ms Document
text/html 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.7 PleskLin
Resource Hash: c1f38b2083d2949213e8e27b93755a4631a066e62e49b23e4ac9993baadd8b29

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /2FapNfakHM
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 03 Jul 2020 23:57:45 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8f12d04cd63189877036847bc1db75751593820662; expires=Sun, 02-Aug-20 23:57:42 GMT; path=/; domain=.paste.co.id; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6IktcL2hleVhWMEVENERneUk2TjN4S2d3PT0iLCJ2YWx1ZSI6IjdDQ09uUGpqTXVYQWVxVjlySE8rOU10T2Jka3RydWpRYlwvSnlrNDNHYkwyVkJwaWNrbEhtY3pjNzRIM3EyTlJ5IiwibWFjIjoiYWEyZmNiYzQzY2Q0OTcxOGE1NDJkMjEwYWNmMDM4NDQxODU5ODQwYjYxZmJkYjk0MjNkZDRhOTRhNDQ2MWExMCJ9; expires=Sat, 04-Jul-2020 01:57:45 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6IjN5eERDSmEwTytadnJHRFpTWm56bEE9PSIsInZhbHVlIjoiV1hlNXR6dkdwSmVPcDhZWHF1VkE3SkVIbE15MlhCUVRKaG1KUWlNSVh3Kzc0WktTek5HNzZLdExPaHk3eE1TciIsIm1hYyI6ImNjMzIyNDdiYWQ4YzNmNzc2NjA3YjFmNGE2YzM4MGExMzFjMjkxNjk1ODJmMzg5NTU2YzAwY2IzODQ2NzQxMjYifQ%3D%3D; expires=Sat, 04-Jul-2020 01:57:45 GMT; Max-Age=7200; path=/; httponly
x-powered-by: PHP/7.4.7 PleskLin
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
cf-cache-status: DYNAMIC
cf-request-id: 03b8b662fd0000c2bd02a89200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5ad48ce4cb15c2bd-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js Show response
paste.co.id/cdn-cgi/apps/head/ 15 KB
5 KB 15ms
12ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748851c4d2e38c4f7587afb6b6e54dfc26e7329018d27911115f1840e251d4a8

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
cf-cache-status: HIT
age: 21580
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2E9C9255E94912D8
x-amz-id-2: Cz87FEy2yb0DFcX9hniUcG96sFlU2eDSjpRd63baQb0QFUHfcdZp/t6AVvvj43nyRGPDn2vDA9A=
last-modified: Thu, 09 Apr 2020 07:01:53 GMT
server: cloudflare
etag: W/"b41983019dc124823e0cbe364e0a102d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: FzzEO.YKJ_vU2aF7romPpg.vx2TIcrhF
cf-request-id: 03b8b66e4c0000c2bd02b02200000001
cf-ray: 5ad48cf6ec8ac2bd-FRA

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 29ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 bootstrap.min.css
paste.co.id/css/ 138 KB
19 KB 64ms
62ms Stylesheet
text/css 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5be3fe96-22688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5ad48cf6dc84c2bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8b66e4b0000c2bd02afe200000001

GET
H2 200 mdb.min.css
paste.co.id/css/ 226 KB
23 KB 75ms
73ms Stylesheet
text/css 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5be3fe96-38940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5ad48cf6ec86c2bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8b66e4c0000c2bd02aff200000001

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 32ms
14ms Stylesheet
text/css 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6119322
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8b66e5c00001f51df8b4200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:42 GMT
server: cloudflare
etag: W/"5afd4ad2-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5ad48cf6f8e31f51-FRA
expires: Wed, 23 Jun 2021 23:57:45 GMT

GET
H2 200 style.min.css
paste.co.id/css/ 3 KB
1 KB 65ms
63ms Stylesheet
text/css 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/style.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 59d3b0f41ff8ed0ab160bbe4df8c72cfcbd729ee6e97f23c1a8ff1913b78ad52

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 29 Mar 2020 14:37:15 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5e80b29b-b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5ad48cf6ec87c2bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8b66e4c0000c2bd02b00200000001

GET
H2 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
3 KB 57ms
56ms Stylesheet
text/css 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Jan 2019 16:43:52 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5c5082c8-326d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5ad48cf6ec89c2bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8b66e4c0000c2bd02b01200000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 113 KB
40 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47e1adf42f6bca4482f1745cf3a99434d9192adb3d5f67ea8f0ecb4319a4d46a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 41316
x-xss-protection: 0
server: cafe
etag: 8588831523089118732
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 03 Jul 2020 23:57:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 34ms
31ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ee0995d2fb72037a255f4037d09cef5ea44a73b6b74e228f43972ce5f656467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33698
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Jul 2020 23:57:45 GMT

GET
H2 200 KX3CTmWGGs.png
paste.co.id/uploads/ 5 KB
5 KB 69ms
67ms Image
image/png 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/uploads/KX3CTmWGGs.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bf8eeec0243213e8b5d4caf858a57977c915a8d8b004991ba9260603d2c0d920

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
cf-cache-status: REVALIDATED
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4938
cf-request-id: 03b8b66ea40000c2bd02b0a200000001
last-modified: Mon, 25 Feb 2019 12:32:06 GMT
server: cloudflare
etag: "5c73e046-134a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ad48cf76cfbc2bd-FRA

GET
H2 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 71ms
69ms Image
image/png 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/img/default-avatar.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
cf-cache-status: REVALIDATED
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6957
cf-request-id: 03b8b66ea40000c2bd02b0b200000001
last-modified: Wed, 28 Nov 2018 10:58:44 GMT
server: cloudflare
etag: "5bfe74e4-1b2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ad48cf76cfcc2bd-FRA

GET
H2 200 paste.co.id.914924.js Show response
jsc.mgid.com/p/a/ 150 KB
40 KB 74ms
37ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f681c2cf287fb35c6ebd748daabeb0d5c6ded3ef45d759bfb7840c910199e5d7

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 20240200338B898D
cf-polished: origSize=153970
status: 200
last-modified: Fri, 26 Jun 2020 17:46:50 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: yb/OjEzEomZERcLDGCwjET9XPra6DjYlPazuOPiDQ8DA5oLOFHnoSEQWsuF7Nh0Pl7ysrBX3ov4=
cf-bgj: minify
server: cloudflare
etag: W/"fa925cd515223286328d6a495c7ee304"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 03b8b66ed10000cc3689a6f200000001
cf-ray: 5ad48cf7bb11cc36-ZRH
expires: Sat, 04 Jul 2020 00:57:45 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
29 KB 16ms
16ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6124715
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8b66e8d00001f51df8b6200000001
served-in-seconds: 0.003
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5ad48cf749301f51-FRA
expires: Wed, 23 Jun 2021 23:57:45 GMT

GET
H2 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 66ms
65ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5be3fe96-c75f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5ad48cf75ce7c2bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8b66e980000c2bd02b07200000001

GET
H2 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
60 KB 73ms
70ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Jan 2019 16:15:46 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5c507c32-331d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5ad48cf76cf8c2bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8b66ea40000c2bd02b08200000001

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
17 KB 17ms
14ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3720836
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8b66ea400001f51df8b7200000001
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:42 GMT
server: cloudflare
etag: W/"5afd4ad2-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5ad48cf769581f51-FRA
expires: Wed, 23 Jun 2021 23:57:45 GMT

GET
H2 200 prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
114 KB 74ms
71ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 24 Nov 2018 11:17:38 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5bf93352-521a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5ad48cf76cf9c2bd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8b66ea40000c2bd02b09200000001

GET
H2 200 99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add Show response
lovelydrum.com/ 91 KB
28 KB 337ms
231ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Requested by

Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

58764a5074326144cead9446de3532dd261bafc6c4c666c243c0b0fcf68a402c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "d16065cb42c8b39d1292e4ea2f3122f560cdf95bd6a851caafe95fdddf214f6a"
vary: Accept-Encoding, Accept-Language
x-hostname: jane
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Fri, 03 Jul 2020 23:57:45 GMT
timing-allow-origin: *

GET
H2 200 ODDUj0AVpwTFCkac0C-t0V4Mg-4.js Show response
paste.co.id/cdn-cgi/apps/body/ 150 KB
42 KB 19ms
17ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/apps/body/ODDUj0AVpwTFCkac0C-t0V4Mg-4.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c84459f0c92349eac14ab94fa19f3dace511b376e32e84cf3b41e96a67730ff

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: br
cf-cache-status: HIT
age: 210818
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 392E05BC051C17B0
x-amz-id-2: /2hb7Ppq0BFRVYu+wOEjat2S/PeM+No2rQjnOuGNCY55YGNx4mRc9rPMkug8TMoa3J//5PvPO1E=
last-modified: Thu, 09 Apr 2020 07:01:53 GMT
server: cloudflare
etag: W/"a204e0ca2fbab92074b1b60e5111cc70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: jjfCmrRnJA2UeSB7s0B3k.91AXU7Ac5O
cf-request-id: 03b8b66ea50000c2bd02b0c200000001
cf-ray: 5ad48cf76cfdc2bd-FRA

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 25ms
7ms Font
font/woff2 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://paste.co.id

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 61ms
60ms Font
font/woff2 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
cf-cache-status: REVALIDATED
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49236
cf-request-id: 03b8b66eab0000c2bd02b0e200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: "5be3fe96-c054"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ad48cf77d06c2bd-FRA

GET
H2 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 59ms
58ms Font
font/woff2 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
cf-cache-status: REVALIDATED
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49380
cf-request-id: 03b8b66eab0000c2bd02b0f200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: "5be3fe96-c0e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ad48cf77d07c2bd-FRA

GET
H2 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 64ms
64ms Font
font/woff2 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
cf-cache-status: REVALIDATED
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49976
cf-request-id: 03b8b66ed00000c2bd02b10200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: "5be3fe96-c338"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ad48cf7bd3ec2bd-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f49578079ce90bfc63c1d271af36739f07745ff0b709361ad2c1e43e53a39b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 14ms
13ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/ 218 KB
82 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8140bf7ea45bfdc0f29a695bd93fc79c9388e63ddef0b5e5784e7faaf361c4a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83971
x-xss-protection: 0
server: cafe
etag: 9757296405404450426
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Jul 2020 23:57:45 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200624/r20190131/ Frame 7248 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200624/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200624/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/2FapNfakHM
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/2FapNfakHM

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 25 Jun 2020 04:47:33 GMT
expires: Thu, 09 Jul 2020 04:47:33 GMT
content-type: text/html; charset=UTF-8
etag: 4448614309292777386
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 760212
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
3 KB 11ms
11ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 21234068
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8b6710100001f51df8d0200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:30 GMT
server: cloudflare
etag: W/"5afd48e6-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5ad48cfb3cf31f51-FRA
expires: Wed, 23 Jun 2021 23:57:46 GMT

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44288f73f147364037a1125b227d89a6dbb9cd022e92b235dc7f06cbd84e7fc9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3687
date: Fri, 03 Jul 2020 22:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Sat, 04 Jul 2020 00:56:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 23:18:50 GMT
server: ESF
date: Fri, 03 Jul 2020 23:57:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jul 2020 23:57:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
670 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 22:03:56 GMT
server: ESF
date: Fri, 03 Jul 2020 23:57:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Jul 2020 23:57:46 GMT

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f96c53b9b03f4b4ab67841c2ffd39ec588c945206edb5d8f6e7725859e29f69d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 Build-Passing-%2361ba65.svg
img.shields.io/badge/ Frame 63CF 0
0 52ms
33ms Document
image/svg+xml 2606:4700:3037::681c:1415
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.shields.io/badge/Build-Passing-%2361ba65.svg?label=Build&color=61ba65&logo=&style=flat&cacheSeconds=3600
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681c:1415 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: img.shields.io
:scheme: https
:path: /badge/Build-Passing-%2361ba65.svg?label=Build&color=61ba65&logo=&style=flat&cacheSeconds=3600
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://paste.co.id/2FapNfakHM
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/2FapNfakHM

Response headers

status: 200
date: Fri, 03 Jul 2020 23:57:46 GMT
content-type: image/svg+xml;charset=utf-8
set-cookie: __cfduid=d3c9bf73eb59588a252116f91920ea02d1593820666; expires=Sun, 02-Aug-20 23:57:46 GMT; path=/; domain=.shields.io; HttpOnly; SameSite=Lax
cache-control: max-age=86400, s-maxage=86400
last-modified: Thu, 02 Jul 2020 17:33:06 GMT
via: 1.1 vegur
cf-cache-status: HIT
age: 21577
cf-request-id: 03b8b672040000dfcb691b7200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5ad48cfcd849dfcb-FRA
content-encoding: br

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://paste.co.id

Response headers

date: Fri, 12 Jun 2020 00:19:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 1899484
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:19:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://paste.co.id

Response headers

date: Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1826170
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 12 Jun 2021 20:41:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://paste.co.id

Response headers

date: Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 2021559
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 10 Jun 2021 14:25:07 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 51E5 0
0 56ms
55ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1593820666&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1593820665642&bpp=18&bdt=228&idt=729&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6207894430119&frm=20&pv=2&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=154226796787&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=778

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1593820666&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1593820665642&bpp=18&bdt=228&idt=729&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6207894430119&frm=20&pv=2&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=154226796787&dssz=27&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=778
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/2FapNfakHM
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/2FapNfakHM

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 03 Jul 2020 23:57:46 GMT
server: cafe
content-length: 578
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Jul-2020 00:12:46 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 03 Jul 2020 23:57:46 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 25ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1eb2a67b402b9d8fb0035220fb9a9221bf0cb27d1f57ae0ffd21246d93a6b03f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1593663588964027"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
expires: Fri, 03 Jul 2020 23:57:46 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1 Show response
servicer.mgid.com/914924/ 3 KB
2 KB 75ms
73ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/914924/1?w=844&h=207&cols=2&pv=5&cbuster=1593820666482559302020&uniqId=0d472&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&pageView=1&pvid=173171d5a7296937b41&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1589027a3f50541641265dce959aee064e886c9ec60cb34b07bfb77e15cdd2

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ad48cfd9ad7cc36-ZRH
content-type: application/x-javascript; charset=utf-8
cf-request-id: 03b8b6727d0000cc3689a8b200000001

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0C20 0
0 92ms
91ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=2347387144&w=840&fwrn=4&fwrnh=100&lmt=1593820666&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593820665664&bpp=5&bdt=250&idt=820&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6207894430119&frm=20&pv=1&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=9412999784691&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0Sme4GKAK4&p=https%3A//paste.co.id&dtd=826

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=2347387144&w=840&fwrn=4&fwrnh=100&lmt=1593820666&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593820665664&bpp=5&bdt=250&idt=820&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6207894430119&frm=20&pv=1&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=9412999784691&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0Sme4GKAK4&p=https%3A//paste.co.id&dtd=826
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/2FapNfakHM
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/2FapNfakHM

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 03 Jul 2020 23:57:46 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUkx-JYmi9fNOJI7-_LhbMn5ahVw420P18HHXnHWuErPv8TRiBlo1Ybt72kD; expires=Wed, 28-Jul-2021 23:57:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 03 Jul 2020 23:57:46 GMT
cache-control: private

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1447860343&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&ul=en-us&de=UTF-8&dt=Untitled%20-%20Pasted.id%20-%20%231%20paste%20tool%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137362802-1&cid=1479136358.1593820666&jid=149618531&_gid=1227936705.1593820667&gjid=568774602&_v=j83&z=1278210054
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1479136358.1593820666&jid=149618531&_v=j83&z=1278210054
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1479136358.1593820666&jid=149618531&_v=j83&z=1278210054&slf_rd=1&random=2904922931

42 B
106 B

17ms
16ms

Image
image/gif

2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1479136358.1593820666&jid=149618531&_v=j83&z=1278210054&slf_rd=1&random=2904922931

Requested by

Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1479136358.1593820666&jid=149618531&_v=j83&z=1278210054&slf_rd=1&random=2904922931
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 6920 0
0 54ms
54ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=3360776472&w=840&fwrn=4&fwrnh=100&lmt=1593820666&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593820665669&bpp=1&bdt=256&idt=863&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280&nras=1&correlator=6207894430119&frm=20&pv=1&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=9412999784691&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=2452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BMXjGok5Ap&p=https%3A//paste.co.id&dtd=866

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=3360776472&w=840&fwrn=4&fwrnh=100&lmt=1593820666&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1593820665669&bpp=1&bdt=256&idt=863&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280&nras=1&correlator=6207894430119&frm=20&pv=1&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=9412999784691&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=2452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=BMXjGok5Ap&p=https%3A//paste.co.id&dtd=866
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/2FapNfakHM
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/2FapNfakHM

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 03 Jul 2020 23:57:46 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUltqJMPnpvrGfJGhsifSVQXx-dIFwKURv94bPsXhibsx8gymCigwDPnOXGg; expires=Wed, 28-Jul-2021 23:57:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 03 Jul 2020 23:57:46 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame D1AB 0
0 88ms
87ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=600&slotname=3374289680&adk=1935312948&adf=64888922&w=255&fwrn=4&fwrnh=100&lmt=1593820666&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=255x600&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1593820665671&bpp=1&bdt=257&idt=869&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280%2C840x280&nras=1&correlator=6207894430119&frm=20&pv=1&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=9412999784691&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=924&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QJB7AA7KXj&p=https%3A//paste.co.id&dtd=871

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=600&slotname=3374289680&adk=1935312948&adf=64888922&w=255&fwrn=4&fwrnh=100&lmt=1593820666&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=255x600&url=https%3A%2F%2Fpaste.co.id%2F2FapNfakHM&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1593820665671&bpp=1&bdt=257&idt=869&shv=r20200624&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280%2C840x280&nras=1&correlator=6207894430119&frm=20&pv=1&ga_vid=1479136358.1593820666&ga_sid=1593820666&ga_hid=1447860343&ga_fc=0&iag=0&icsg=9412999784691&dssz=29&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=924&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066428%2C42530493%2C42530495%2C42530499%2C42530501&oid=3&pvsid=297144689403037&pem=638&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&fsb=1&xpc=QJB7AA7KXj&p=https%3A//paste.co.id&dtd=871
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/2FapNfakHM
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/2FapNfakHM

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 03 Jul 2020 23:57:46 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: IDE=AHWqTUkg6hnlu2Y73Cbur3joP_Bwl24FMWDiZXf4tPNwfxmDDUFqVDbK8-gh9azq; expires=Wed, 28-Jul-2021 23:57:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 03 Jul 2020 23:57:46 GMT
cache-control: private

GET
H2 200 Bqfexc Show response
ad.doubleclick.net/ddm/adj/Aafc/ 11 B
776 B 82ms
30ms Script
text/javascript 172.217.23.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Aafc/Bqfexc

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f134.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
788 B 70ms
69ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=159382066658950125663
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b08e5fe9ec56e2796a5d666f972d7870635fc23ce3de1f34845f359fb35b450a

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ad48cfe3c04cc36-ZRH
content-type: application/javascript
cf-request-id: 03b8b672e70000cc3689a8e200000001

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: https://paste.co.id

Response headers

date: Thu, 11 Jun 2020 13:03:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1940062
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Fri, 11 Jun 2021 13:03:24 GMT

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame C15F 186 B
518 B 70ms
69ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1593820666596488408433
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ad48cfe4c17cc36-ZRH
content-type: application/javascript
cf-request-id: 03b8b672ee0000cc3689a8f200000001

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 25ms
22ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 3730
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 03b8b672fd0000cc3689a94200000001
cf-ray: 5ad48cfe6c41cc36-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvNDM5MDI5Lzk2NDk4N2UwOGMzMTM2MjQxMDc0OTUzYjc0NzI3ZjY3LmpwZw**.webp
s-img.mgid.com/g/6232179/370x200/0x0x492x328/ 12 KB
12 KB 25ms
23ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6232179/370x200/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvNDM5MDI5Lzk2NDk4N2UwOGMzMTM2MjQxMDc0OTUzYjc0NzI3ZjY3LmpwZw**.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bd7d4a40279c9f844000d83a704e6195dbed80cfa5ab60b32209ef7026bd404

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:46 GMT
cf-cache-status: HIT
age: 37724
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12288
cf-request-id: 03b8b672fd0000cc3689a92200000001
last-modified: Fri, 03 Jul 2020 13:29:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5ad48cfe6c3ecc36-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvNDAzNjM3L2VkMGYzNDAxN2EzMzc5NmQwNzI0NmVmNTBkZTMxOGM2LmpwZw**.webp
s-img.mgid.com/g/6214235/370x200/0x0x492x328/ 6 KB
6 KB 28ms
26ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6214235/370x200/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvNDAzNjM3L2VkMGYzNDAxN2EzMzc5NmQwNzI0NmVmNTBkZTMxOGM2LmpwZw**.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b875fb9e752a404aa479f590db78bc29e6da06eca8ad8c4426458053944e761

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:46 GMT
cf-cache-status: HIT
age: 27676
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5930
cf-request-id: 03b8b672fc0000cc3689a91200000001
last-modified: Thu, 02 Jul 2020 09:49:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5ad48cfe6c3dcc36-ZRH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTIvMjU3MDkzLzgzOGQ1ODcwYWRjMGFjZTEyZmYxMmU2YjRjMDk4YmRhLmpwZWc*.webp
s-img.mgid.com/g/4684472/370x200/0x0x492x328/ 3 KB
3 KB 34ms
32ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4684472/370x200/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTIvMjU3MDkzLzgzOGQ1ODcwYWRjMGFjZTEyZmYxMmU2YjRjMDk4YmRhLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249a4c7e17d39687ec462a8fe3f4907d75a7ab434f3e2498050c49dbb752f621

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:46 GMT
cf-cache-status: HIT
last-modified: Mon, 22 Jun 2020 18:36:26 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5ad48cfe6c3acc36-ZRH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2892
cf-request-id: 03b8b672fc0000cc3689a90200000001

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvNDAzNjM3LzRmOTE4NzM5ZjlmZDNmYTNkM2RlN2Y0YzA4MTI4NDAwLnBuZw**.webp
s-img.mgid.com/g/6167935/370x200/97x0x635x423/ 14 KB
14 KB 21ms
19ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6167935/370x200/97x0x635x423/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvNDAzNjM3LzRmOTE4NzM5ZjlmZDNmYTNkM2RlN2Y0YzA4MTI4NDAwLnBuZw**.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 542da48a409763dde3a8bec76fae5d8c92583f8d5c8c8a1fde43f78c940ca231

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:46 GMT
cf-cache-status: HIT
age: 131987
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14136
cf-request-id: 03b8b672fd0000cc3689a93200000001
last-modified: Thu, 25 Jun 2020 01:35:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5ad48cfe6c3fcc36-ZRH

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 3D1B 0
0 7ms
5ms Document
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/2FapNfakHM
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/2FapNfakHM

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Fri, 12 Jun 2020 13:10:56 GMT
expires: Sat, 12 Jun 2021 13:10:56 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1853210
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 25B7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

63ms
21ms

Document
text/html

104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=159382066658950125663
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/2FapNfakHM
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/2FapNfakHM

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 29 May 2020 23:03:21 GMT
Content-Encoding: gzip
Content-Length: 9232
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=39484
Expires: Sat, 04 Jul 2020 10:55:50 GMT
Date: Fri, 03 Jul 2020 23:57:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Fri, 03 Jul 2020 23:57:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
328 B 179ms
57ms Image
image/gif 23.105.245.5
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k63KEnPHAoVg
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=7329f681-b2d2-4a62-85a0-01d4363edcb3
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=7329f681-b2d2-4a62-85a0-01d4363edcb3
https://cm.mgid.com/m?cdsp=433145&c=4c5854a4-fe11-4ed8-9e91-12f027fad007

43 B
198 B

70ms
69ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=4c5854a4-fe11-4ed8-9e91-12f027fad007
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ad48d000ea8cc36-ZRH
content-type: image/gif
cf-request-id: 03b8b674070000cc3689aa7200000001

Redirect headers

status: 302
date: Fri, 03 Jul 2020 23:57:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=4c5854a4-fe11-4ed8-9e91-12f027fad007
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1
https://cm.mgid.com/m?cdsp=501036&c=0b24bc90-def4-52ba-858a-cb25db750edf

43 B
182 B

69ms
69ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501036&c=0b24bc90-def4-52ba-858a-cb25db750edf
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ad48cff9e15cc36-ZRH
content-type: image/gif
cf-request-id: 03b8b673c20000cc3689aa1200000001

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://cm.mgid.com/m?cdsp=501036&c=0b24bc90-def4-52ba-858a-cb25db750edf

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=cfb4b996-f246-43e1-a66c-e5a9a5164206

43 B
333 B

69ms
69ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=cfb4b996-f246-43e1-a66c-e5a9a5164206
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:47 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ad48d034ae9cc36-ZRH
content-type: image/gif
cf-request-id: 03b8b676110000cc3689ac3200000001

Redirect headers

date: Fri, 03 Jul 2020 23:57:47 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=cfb4b996-f246-43e1-a66c-e5a9a5164206
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=P6K86C7AYYKXgE0NZugE&pi=mgid&tc=1

43 B
182 B

68ms
68ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=P6K86C7AYYKXgE0NZugE&pi=mgid&tc=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ad48cffbe35cc36-ZRH
content-type: image/gif
cf-request-id: 03b8b673d30000cc3689aa2200000001

Redirect headers

status: 302
pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT, Fri, 03 Jul 2020 23:57:46 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=P6K86C7AYYKXgE0NZugE&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
558 B 120ms
68ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k63KEnPHAoVg
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ad48cff1d96cc42-ZRH
content-type: image/gif
cf-request-id: 03b8b6736f0000cc42b92bd200000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
https://cm.mgid.com/m?cdsp=433143&c=fe121f4d-a92c-400a-853d-ce3aa861ef79

43 B
190 B

73ms
72ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433143&c=fe121f4d-a92c-400a-853d-ce3aa861ef79
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ad48cff4daecc36-ZRH
content-type: image/gif
cf-request-id: 03b8b673900000cc3689a9f200000001

Redirect headers

status: 307
date: Fri, 03 Jul 2020 23:57:46 GMT
content-length: 0
location: https://cm.mgid.com/m?cdsp=433143&c=fe121f4d-a92c-400a-853d-ce3aa861ef79

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azYzS0VuUEhBb1Zn&muidn=k63KEnPHAoVg
https://cm.mgid.com/google?muidn=k63KEnPHAoVg&google_ula={guid},5&google_gid=CAESENjMibaIfnv_nF20ZnPTNOs&google_cver=1

0
397 B

69ms
69ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k63KEnPHAoVg&google_ula={guid},5&google_gid=CAESENjMibaIfnv_nF20ZnPTNOs&google_cver=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ad48cfefd24cc36-ZRH
content-type: text/plain
cf-request-id: 03b8b6735e0000cc3689a99200000001

Redirect headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k63KEnPHAoVg&google_ula={guid},5&google_gid=CAESENjMibaIfnv_nF20ZnPTNOs&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=7a34f808-85e0-4b85-93e5-0314e13b80b6&ttl=1596412666

43 B
198 B

71ms
71ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=7a34f808-85e0-4b85-93e5-0314e13b80b6&ttl=1596412666
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ad48cffee7fcc36-ZRH
content-type: image/gif
cf-request-id: 03b8b673f40000cc3689aa6200000001

Redirect headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:46 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=7a34f808-85e0-4b85-93e5-0314e13b80b6&ttl=1596412666
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k63KEnPHAoVg
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k63KEnPHAoVg
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c5854a4-fe11-4ed8-9e91-12f027fad007

1 B
997 B

34ms
34ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c5854a4-fe11-4ed8-9e91-12f027fad007
Requested by: Host: paste.co.id
URL: https://paste.co.id/2FapNfakHM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 03 Jul 2020 23:57:46 GMT
X-lat: Pug23022:0:305
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

status: 302
date: Fri, 03 Jul 2020 23:57:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4c5854a4-fe11-4ed8-9e91-12f027fad007
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET tr.php
udata.mixmarket.biz/ Frame C15F 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 17ms
16ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200624&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c6131bfc615a6b54bd162869f5786e8398c2ee8c72a122b864c4a881a54b50a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Jul 2020 23:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5607
x-xss-protection: 0

POST
H2 200 v2hof2F3iprA_tBYXmuh3_3phk4p7oPSBHGTlaWBU2Yf0d32HzGlHTJWS678QsGPpmQNAB8c9 Show response
lovelydrum.com/ 216 B
607 B 94ms
32ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/v2hof2F3iprA_tBYXmuh3_3phk4p7oPSBHGTlaWBU2Yf0d32HzGlHTJWS678QsGPpmQNAB8c9

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

29a1e5e40e193ee1ad85eaaa18c0df3ac907a263968d181cfe77989fd4d775a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Fri, 03 Jul 2020 23:57:47 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: jane
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Fri, 03 Jul 2020 23:57:46 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200624/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 03 Jul 2020 23:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 03 Jul 2020 23:57:47 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame FFB5 0
0 6ms
6ms Document
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/2FapNfakHM
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/2FapNfakHM

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 03 Jul 2020 23:31:13 GMT
expires: Sat, 03 Jul 2021 23:31:13 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1594
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200624&jk=297144689403037&bg=!qaqlqrJY-QL2qo4ZNxQCAAAAS1IAAAAMmQF8P3aoJukkKEpw_oZbpkkKiUiYzEyBy8-cvpxb7yWPAQEwuRzR6Ji8otYCVaWiT-cOwsM51TL38m05unzrAVD3ep7l8sCXjATw-JhJ083qpn3yjWLEQrGjHvsIG8vpLvV5Bgs2ABgllE5H11nQOEgXj_f7SFXYfPXBbiqDzNXw3NkTpHwKZgVXJPn7fsGZtuUWvQE4xoV3SpLEXhqyZ0bTT9PS0nl9VkcjRfg3t5MIhT31fo6egaLZRHvdjSxLMoHTsNEas-IPNPOV0QWjVp13INQ0Mpdy9-AejMUzZMpfm_faVj_T538pDN_-fqt7nC_XGWS30xpwPHkk_ikp_OnKMwIB6j_6YMNOV2sG1GU_AiJ17R0tzVL8GJDoD2u8N4Cf2610imE1Tdq5auCRpuPtblLQ0j2WFwP70RHaMp4pb6ynkY9VSyy_KPlHxaB07bUfOBTIoT5X0AVn8gshztkMXhtrcO5_vnf5EjqCKYneQPlDqGh5NeSPygFEO4c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/2FapNfakHM
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Jul 2020 23:57:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: udata.mixmarket.biz
URL: https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eus.rubiconproject.com/	1970-01-19 12:53:16	Name: pux Value: 1512%3D92088%262231%3D92088%262249%3D92088%262307%3D92088%262974%3D92088%263778%3D92088%262249-DV360-Hosted%3D92088%26brx%3D92088%26
.doubleclick.net/	1970-01-19 20:05:16	Name: IDE Value: AHWqTUkg6hnlu2Y73Cbur3joP_Bwl24FMWDiZXf4tPNwfxmDDUFqVDbK8-gh9azq
paste.co.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C914924%22%3A%7B%22page%22%3A1%2C%22time%22%3A1593820666587%7D%7D
.rubiconproject.com/	1970-01-19 19:29:16	Name: audit Value: 1\|wcr5BTlzHjEeZFQTm32ShGT7JXeCG5CGTyKXcATt6ZUcWV3CTTmANZD+zFLBlvD8mzH3eIoRDYbqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.rubiconproject.com/	1970-01-19 19:29:16	Name: khaos Value: KC6VO9B5-1L-5EPT
.paste.co.id/	1970-01-19 10:43:40	Name: _gat_gtag_UA_137362802_1 Value: 1
.paste.co.id/	1970-01-20 04:14:52	Name: _ga Value: GA1.3.1479136358.1593820666
.paste.co.id/	1970-01-19 11:26:52	Name: __cfduid Value: d8f12d04cd63189877036847bc1db75751593820662
paste.co.id/	1970-01-19 10:43:47	Name: pasteshr_session Value: eyJpdiI6IjN5eERDSmEwTytadnJHRFpTWm56bEE9PSIsInZhbHVlIjoiV1hlNXR6dkdwSmVPcDhZWHF1VkE3SkVIbE15MlhCUVRKaG1KUWlNSVh3Kzc0WktTek5HNzZLdExPaHk3eE1TciIsIm1hYyI6ImNjMzIyNDdiYWQ4YzNmNzc2NjA3YjFmNGE2YzM4MGExMzFjMjkxNjk1ODJmMzg5NTU2YzAwY2IzODQ2NzQxMjYifQ%3D%3D
.paste.co.id/	1970-01-19 10:45:07	Name: _gid Value: GA1.3.1227936705.1593820667
paste.co.id/	1970-01-19 10:43:47	Name: XSRF-TOKEN Value: eyJpdiI6IktcL2hleVhWMEVENERneUk2TjN4S2d3PT0iLCJ2YWx1ZSI6IjdDQ09uUGpqTXVYQWVxVjlySE8rOU10T2Jka3RydWpRYlwvSnlrNDNHYkwyVkJwaWNrbEhtY3pjNzRIM3EyTlJ5IiwibWFjIjoiYWEyZmNiYzQzY2Q0OTcxOGE1NDJkMjEwYWNmMDM4NDQxODU5ODQwYjYxZmJkYjk0MjNkZDRhOTRhNDQ2MWExMCJ9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js(Line 9) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.betweendigital.com
adservice.google.com
adservice.google.de
ams.creativecdn.com
bidswitch-eu.splicky.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
csync.loopme.me
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.shields.io
jsc.mgid.com
lovelydrum.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
paste.co.id
rtb-usw.mfadsrvr.com
s-img.mgid.com
secure-assets.rubiconproject.com
servicer.mgid.com
simage2.pubmatic.com
stats.g.doubleclick.net
tpc.googlesyndication.com
udata.mixmarket.biz
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
udata.mixmarket.biz
104.109.78.125
104.16.221.74
104.19.133.78
138.201.34.178
172.217.23.134
184.30.212.16
185.184.8.30
185.64.190.80
188.42.196.115
2001:4de0:ac19::1:b:3b
216.58.208.34
23.105.245.5
2606:4700:3034::681f:4ec2
2606:4700:3037::681c:1415
2606:4700::6810:84e5
2a00:1450:4001:801::200a
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:815::2001
2a00:1450:4001:818::2003
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:821::2002
2a00:1450:400c:c00::9d
35.190.91.111
35.212.212.222
52.57.243.126
63.32.144.14
88.99.98.226
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
13f49578079ce90bfc63c1d271af36739f07745ff0b709361ad2c1e43e53a39b
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c1589027a3f50541641265dce959aee064e886c9ec60cb34b07bfb77e15cdd2
1eb2a67b402b9d8fb0035220fb9a9221bf0cb27d1f57ae0ffd21246d93a6b03f
249a4c7e17d39687ec462a8fe3f4907d75a7ab434f3e2498050c49dbb752f621
29a1e5e40e193ee1ad85eaaa18c0df3ac907a263968d181cfe77989fd4d775a8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
3b875fb9e752a404aa479f590db78bc29e6da06eca8ad8c4426458053944e761
3ee0995d2fb72037a255f4037d09cef5ea44a73b6b74e228f43972ce5f656467
44288f73f147364037a1125b227d89a6dbb9cd022e92b235dc7f06cbd84e7fc9
47e1adf42f6bca4482f1745cf3a99434d9192adb3d5f67ea8f0ecb4319a4d46a
542da48a409763dde3a8bec76fae5d8c92583f8d5c8c8a1fde43f78c940ca231
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
58764a5074326144cead9446de3532dd261bafc6c4c666c243c0b0fcf68a402c
59d3b0f41ff8ed0ab160bbe4df8c72cfcbd729ee6e97f23c1a8ff1913b78ad52
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5bd7d4a40279c9f844000d83a704e6195dbed80cfa5ab60b32209ef7026bd404
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
748851c4d2e38c4f7587afb6b6e54dfc26e7329018d27911115f1840e251d4a8
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c6131bfc615a6b54bd162869f5786e8398c2ee8c72a122b864c4a881a54b50a
7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6
8140bf7ea45bfdc0f29a695bd93fc79c9388e63ddef0b5e5784e7faaf361c4a0
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8c84459f0c92349eac14ab94fa19f3dace511b376e32e84cf3b41e96a67730ff
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b08e5fe9ec56e2796a5d666f972d7870635fc23ce3de1f34845f359fb35b450a
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
bf8eeec0243213e8b5d4caf858a57977c915a8d8b004991ba9260603d2c0d920
c1f38b2083d2949213e8e27b93755a4631a066e62e49b23e4ac9993baadd8b29
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f681c2cf287fb35c6ebd748daabeb0d5c6ded3ef45d759bfb7840c910199e5d7
f96c53b9b03f4b4ab67841c2ffd39ec588c945206edb5d8f6e7725859e29f69d
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

paste.co.id Open in urlscan Pro 2606:4700:3034::681f:4ec2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

70 Requests

99 %HTTPS

47 %IPv6

27 Domains

39 Subdomains

20 IPs

9 Countries

945 kBTransfer

2496 kBSize

11 Cookies

23 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
2606:4700:3034::681f:4ec2 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

99 %
HTTPS

47 %
IPv6

27
Domains

39
Subdomains

20
IPs

9
Countries

945 kB
Transfer

2496 kB
Size

11
Cookies

70 HTTP transactions
5 data transactions