paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste.co.id/4ieUaxeb1e
Submission: On August 15 via manual (August 15th 2021, 6:23:06 am UTC) from ID

Summary HTTP 133 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 37 domains to perform 133 HTTP transactions. The main IP is 5.189.137.168, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is paste.co.id.
TLS certificate: Issued by R3 on June 22nd 2021. Valid for: 3 months.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	5.189.137.168 5.189.137.168	51167 (CONTABO) (CONTABO)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
10	139.45.196.145 139.45.196.145	9002 (RETN-AS) (RETN-AS)
19	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.203.125.88 109.203.125.88	31727 (NODE4-AS) (NODE4-AS)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4b09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
1 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
6	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2606:4700:20:... 2606:4700:20::681a:87b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	139.45.197.156 139.45.197.156	9002 (RETN-AS) (RETN-AS)
12	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	54.192.219.96 54.192.219.96	16509 (AMAZON-02) (AMAZON-02)
1 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
3 3	35.157.197.70 35.157.197.70	16509 (AMAZON-02) (AMAZON-02)
1	35.227.247.230 35.227.247.230	15169 (GOOGLE) (GOOGLE)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	109.206.188.82 109.206.188.82	50245 (SERVEREL-AS) (SERVEREL-AS)
2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.210.178.101 35.210.178.101	19527 (GOOGLE-2) (GOOGLE-2)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
133	43

16 5.189.137.168 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dozubatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.145 (United Kingdom)

ASN9002 (RETN-AS, GB)

seeptoag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.125.88 (United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: euk-88894.eukservers.com

www.qrcoder.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b09 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

pseepsie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
itgiblean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:87b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.156 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.192.219.96 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-192-219-96.mrs52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.197.70 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-197-70.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.247.230 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 230.247.227.35.bc.googleusercontent.com

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.188.82 (Netherlands) 1 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.188.82.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	285 KB
16	paste.co.id paste.co.id	416 KB
10	seeptoag.net seeptoag.net	65 KB
9	google.com adservice.google.com www.google.com	36 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	224 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	10 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	11 KB
5	toglooman.com toglooman.com	124 KB
5	inpagepush.com inpagepush.com	32 KB
4	cloudflare.com cdnjs.cloudflare.com	49 KB
3	bidswitch.net 3 redirects x.bidswitch.net	662 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	rtmark.net my.rtmark.net	2 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	pseepsie.com pseepsie.com	45 KB
3	google.de adservice.google.de www.google.de	394 B
2	wowreality.info o.wowreality.info	398 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	1 KB
2	cdnativepush.com static.cdnativepush.com	7 KB
2	googletagmanager.com www.googletagmanager.com	80 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	itgiblean.com itgiblean.com	326 B
1	lentainform.com cm.lentainform.com	496 B
1	e-volution.ai 1 redirects sync.e-volution.ai	463 B
1	adsrvr.org 1 redirects match.adsrvr.org	473 B
1	idealmedia.io cm.idealmedia.io	413 B
1	4dex.io mp.4dex.io	364 B
1	lalaping.com static.lalaping.com	34 KB
1	onmarshtompor.com onmarshtompor.com	833 B
1	dozubatan.com dozubatan.com	30 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	googleadservices.com partner.googleadservices.com	259 B
1	bedrapiona.com bedrapiona.com	2 KB
1	iclickcdn.com iclickcdn.com	21 KB
1	qrcoder.co.uk www.qrcoder.co.uk
133	37

	Domain	Requested by
16	paste.co.id	paste.co.id cdnjs.cloudflare.com
12	s-img.mgid.com
10	seeptoag.net	paste.co.id seeptoag.net
7	cm.mgid.com	jsc.mgid.com s.adtelligent.com
7	www.google.com	paste.co.id tpc.googlesyndication.com
6	pagead2.googlesyndication.com	paste.co.id pagead2.googlesyndication.com tpc.googlesyndication.com
5	toglooman.com	iclickcdn.com toglooman.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	inpagepush.com	paste.co.id inpagepush.com
4	cdn.mgid.com	jsc.mgid.com
4	cdnjs.cloudflare.com	paste.co.id
3	x.bidswitch.net	3 redirects
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com
3	servicer.mgid.com	jsc.mgid.com
3	c.mgid.com	jsc.mgid.com
3	my.rtmark.net	inpagepush.com onmarshtompor.com paste.co.id
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	pseepsie.com	iclickcdn.com pseepsie.com
2	o.wowreality.info	static.lalaping.com
2	creativecdn.com	2 redirects
2	a.volvelle.tech	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	static.cdnativepush.com	inpagepush.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.googletagmanager.com	paste.co.id www.googletagmanager.com
2	jsc.mgid.com	paste.co.id jsc.mgid.com
2	maxcdn.bootstrapcdn.com	paste.co.id maxcdn.bootstrapcdn.com
1	itgiblean.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	sync.adtelligent.com	1 redirects
1	cm.lentainform.com
1	pixel.rubiconproject.com
1	sync.e-volution.ai	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	match.adsrvr.org	1 redirects
1	cm.idealmedia.io
1	mp.4dex.io
1	s.adtelligent.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	static.lalaping.com	toglooman.com
1	www.google.de	paste.co.id
1	stats.g.doubleclick.net	www.google-analytics.com
1	onmarshtompor.com	iclickcdn.com
1	dozubatan.com	iclickcdn.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bedrapiona.com	iclickcdn.com
1	iclickcdn.com	paste.co.id
1	www.qrcoder.co.uk	paste.co.id
133	51

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
twitter.com
huggingface.co
www.bulbapp.com
lesflots-atlantique.fr
calclub.com
socraticmed.net
www.hybrid-analysis.com
www.easymarks.org
www.vibrantbuzz.com
articlepedia.xyz
dcm.shivtr.com
ide.geeksforgeeks.org
www.peeranswer.com
paiza.io
www.4mark.net

Subject Issuer	Validity	Valid
paste.co.id R3	`2021-06-22` - `2021-09-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
inpagepush.com R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
seeptoag.net R3	`2021-08-11` - `2021-11-09`	3 months	crt.sh
qrcoder.co.uk cPanel, Inc. Certification Authority	`2021-08-14` - `2021-11-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
bedrapiona.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
dozubatan.com R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh
pseepsie.com R3	`2021-05-28` - `2021-08-26`	3 months	crt.sh
toglooman.com R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
onmarshtompor.com R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
cdnativepush.com R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-08-05` - `2021-11-03`	3 months	crt.sh
mp.4dex.io GTS CA 1D4	`2021-06-26` - `2021-09-24`	3 months	crt.sh
wowreality.info R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
itgiblean.com R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://paste.co.id/4ieUaxeb1e
Frame ID: 5C09D090166433C0A0F0D27FB98FD0B4
Requests: 109 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 0655BE2ADBB30B2726A895010AA1E08F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1629008567&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008567504&bpp=4&bdt=363&idt=88&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7814829944796&frm=20&pv=2&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
Frame ID: AED9205AE78245DA4D18724EEA5ACCAE
Requests: 1 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=34d87b5aae4f48b7908e409265606345&oaidts=1629008567
Frame ID: 97AE6D0B56CEE935EFCBDC4C5FD78C16
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1629008568&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008568047&bpp=3&bdt=906&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c9c1b0639c58d24-22b58ae4abc9006c%3AT%3D1629008567%3ART%3D1629008567%3AS%3DALNI_MYGv-J38OpAk9gfK_3xPjiNRS6hvg&prev_fmts=0x0&nras=2&correlator=7814829944796&frm=20&pv=1&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1EQgetdVFN&p=https%3A//paste.co.id&dtd=12
Frame ID: 64F7F865B965B7742DA25351A7A4F21F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1629008568&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008568047&bpp=1&bdt=905&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c9c1b0639c58d24-22b58ae4abc9006c%3AT%3D1629008567%3ART%3D1629008567%3AS%3DALNI_MYGv-J38OpAk9gfK_3xPjiNRS6hvg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7814829944796&frm=20&pv=1&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=mFiI9C6kyE&p=https%3A//paste.co.id&dtd=17
Frame ID: D3E6124A57B6B4C0CE69F5673941E1D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1629008568&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008568047&bpp=1&bdt=906&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c9c1b0639c58d24-22b58ae4abc9006c%3AT%3D1629008567%3ART%3D1629008567%3AS%3DALNI_MYGv-J38OpAk9gfK_3xPjiNRS6hvg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7814829944796&frm=20&pv=1&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=aTaKIYrspz&p=https%3A//paste.co.id&dtd=20
Frame ID: 6AF106F6B56395E4EEB368D00FBD5072
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 04EB9BC4F7E5227E50771CC2785BB0F5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6DAB090DC17372BAABB36ADF405E8BBF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D03670113E4518101D57A66E2EA7EC8
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1629008569046364493551
Frame ID: A25A75B1E415C861099F8E8396717007
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 7C933F146F0653557C972FF97421266C
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 3FEE5EB2C1898A8C096E8B17039EBD91
Requests: 2 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Frame ID: CB6FCD9BBD2B1DCDC134E34C601933E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

133
Requests

100 %
HTTPS

46 %
IPv6

37
Domains

51
Subdomains

43
IPs

6
Countries

1609 kB
Transfer

3950 kB
Size

11
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997452
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164852/i/57333099/0/pp/1/1?h=vN0NeaO0MK7ZgmqzYWt3o-Xnmm5Q9Lv3jZG57x1OP0obCOf8AMmhbTFliWaxJIRz&rid=365cf9b0-fd91-11eb-8adb-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164860/i/57333099/0/pp/2/1?h=vN0NeaO0MK7ZgmqzYWt3o-ZtvU1u0pDDuF4CNPunJDRfmIscOp2Tx4TjWRdfALBd&rid=365cf9b0-fd91-11eb-8adb-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164845/i/57333099/0/pp/3/1?h=vN0NeaO0MK7ZgmqzYWt3oyBX2rE1PA_Kyep65uEc9vyN07_hkqKq5BP4sAmSTl3F&rid=365cf9b0-fd91-11eb-8adb-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164865/i/57333099/0/pp/4/1?h=vN0NeaO0MK7ZgmqzYWt3o-UjhAmL1ifEPjOJdKd_YtB847ICFlsGvkIPNAsEkmsF&rid=365cf9b0-fd91-11eb-8adb-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://twitter.com/DuneEspanol
Title: https://twitter.com/DuneEspanol

Search URL Search Domain Scan URL

URL: https://twitter.com/DuneEspanol/status/1426761393370370050
Title: https://twitter.com/DuneEspanol/status/1426761393370370050

Search URL Search Domain Scan URL

URL: https://huggingface.co/Raging-fire-full-version
Title: https://huggingface.co/Raging-fire-full-version

Search URL Search Domain Scan URL

URL: https://huggingface.co/Watch-Raging-Fire-Full-Version-TW
Title: https://huggingface.co/Watch-Raging-Fire-Full-Version-TW

Search URL Search Domain Scan URL

URL: https://huggingface.co/Watch-TheSuicideSquad-2021-PutlockerHD
Title: https://huggingface.co/Watch-TheSuicideSquad-2021-PutlockerHD

Search URL Search Domain Scan URL

URL: https://huggingface.co/123movies-TheSuicideSquad-watch-free
Title: https://huggingface.co/123movies-TheSuicideSquad-watch-free

Search URL Search Domain Scan URL

URL: https://huggingface.co/Watch-Suicide-Squad-2-Full-Movie
Title: https://huggingface.co/Watch-Suicide-Squad-2-Full-Movie

Search URL Search Domain Scan URL

URL: https://huggingface.co/Watch-here-The-Suicide-Squad-full-2021
Title: https://huggingface.co/Watch-here-The-Suicide-Squad-full-2021

Search URL Search Domain Scan URL

URL: https://huggingface.co/Watch-OLD-2021-Full-Free
Title: https://huggingface.co/Watch-OLD-2021-Full-Free

Search URL Search Domain Scan URL

URL: https://huggingface.co/HDq-OLD-2021-Watch-Movie-4K
Title: https://huggingface.co/HDq-OLD-2021-Watch-Movie-4K

Search URL Search Domain Scan URL

URL: https://huggingface.co/123Movies-Watch-Old-2021
Title: https://huggingface.co/123Movies-Watch-Old-2021

Search URL Search Domain Scan URL

URL: https://huggingface.co/WATCH-OLD-FULL-MOVIE-2021
Title: https://huggingface.co/WATCH-OLD-FULL-MOVIE-2021

Search URL Search Domain Scan URL

URL: https://huggingface.co/Repelis-Fre-Guy-2021-Ver-HD
Title: https://huggingface.co/Repelis-Fre-Guy-2021-Ver-HD

Search URL Search Domain Scan URL

URL: https://huggingface.co/Ver-Free-Guy-Pelicula-2021
Title: https://huggingface.co/Ver-Free-Guy-Pelicula-2021

Search URL Search Domain Scan URL

URL: https://huggingface.co/Repelis-Ver-Free-Guy-2021-Pelicula
Title: https://huggingface.co/Repelis-Ver-Free-Guy-2021-Pelicula

Search URL Search Domain Scan URL

URL: https://huggingface.co/Cineboom-CL-FREE-GUY-Ver-Pelicula
Title: https://huggingface.co/Cineboom-CL-FREE-GUY-Ver-Pelicula

Search URL Search Domain Scan URL

URL: https://huggingface.co/Free-Guy-Pelicula-Completa
Title: https://huggingface.co/Free-Guy-Pelicula-Completa

Search URL Search Domain Scan URL

URL: https://huggingface.co/Ver-4K-FREE-GUY-Pelicula-Descargar
Title: https://huggingface.co/Ver-4K-FREE-GUY-Pelicula-Descargar

Search URL Search Domain Scan URL

URL: https://www.bulbapp.com/u/repelis-ver-free-guy-2021-pel%C3%ADcula-completa-online-hd-chile
Title: https://www.bulbapp.com/u/repelis-ver-free-guy-2021-película-completa-online-hd-chile

Search URL Search Domain Scan URL

URL: https://www.bulbapp.com/u/cine-ver-free-guy-2021-pel%C3%ADcula-completa-en-espa%C3%B1ol
Title: https://www.bulbapp.com/u/cine-ver-free-guy-2021-película-completa-en-español

Search URL Search Domain Scan URL

URL: https://www.bulbapp.com/u/%E8%84%AB%E7%A8%BF%E7%8E%A9%E5%AE%B6-%E5%AE%8C%E6%95%B4%E7%89%88%E6%9C%AC-%E7%B7%9A%E4%B8%8A%E7%9C%8B%E7%94%B5%E5%BD%B1-%E5%AE%8C%E6%95%B4%E7%89%88%E5%9C%A8%E7%B7%9A%E5%B0%8F%E9%B4%A8-hd-2021
Title: https://www.bulbapp.com/u/脫稿玩家-完整版本-線上看电影-完整版在線小鴨-hd-2021

Search URL Search Domain Scan URL

URL: https://www.bulbapp.com/u/%E3%80%8A%E8%84%AB%E7%A8%BF%E7%8E%A9%E5%AE%B6%E3%80%8B-%E7%B7%9A%E4%B8%8A%E7%9C%8B%E5%B0%8F%E9%B4%A8%E5%AE%8C%E6%95%B4%E7%89%88%E3%80%90free-guy%E3%80%91-%E5%AE%8C%E6%95%B4%E7%89%88-hd
Title: https://www.bulbapp.com/u/《脫稿玩家》-線上看小鴨完整版【free-guy】-完整版-hd

Search URL Search Domain Scan URL

URL: https://www.bulbapp.com/u/%E6%80%92%E7%81%AB%C2%B7%E9%87%8D%E6%A1%88-%E6%80%92%E7%81%AB%E2%96%B7raging-fire-%E7%B7%9A%E4%B8%8A%E7%9C%8B%E5%AE%8C%E6%95%B4%E7%89%88-2021-%E7%94%B5%E5%BD%B1%E5%9C%A8%E7%BA%BF-%F0%9D%90%87%F0%9D%90%83-%E8%A7%82%E7%9C%8B%E5%92%8C%E4%B8%8B%E8%BD%BD
Title: https://www.bulbapp.com/u/怒火·重案-怒火▷raging-fire-線上看完整版-2021-电影在线-𝐇𝐃-观看和下载

Search URL Search Domain Scan URL

URL: https://www.bulbapp.com/u/%E8%84%AB%E7%A8%BF%E7%8E%A9%E5%AE%B6-free-guy-2021-%E4%B8%8B%E8%BD%BD1080p-%E5%85%8D%E8%B4%B9%E7%BA%BF%E4%B8%8A%E7%9C%8B-2021%E5%B9%B4%E5%AE%8C%E6%95%B4%E7%89%88
Title: https://www.bulbapp.com/u/脫稿玩家-free-guy-2021-下载1080p-免费线上看-2021年完整版

Search URL Search Domain Scan URL

URL: https://www.bulbapp.com/u/%E8%84%AB%E7%A8%BF%E7%8E%A9%E5%AE%B6%E2%96%B7-%E7%B7%9A%E4%B8%8A%E7%9C%8B%E5%AE%8C%E6%95%B4%E7%89%88-2021-%E7%94%B5%E5%BD%B1%E5%9C%A8%E7%BA%BF-%F0%9D%90%87%F0%9D%90%83-%E8%A7%82%E7%9C%8B%E5%92%8C%E4%B8%8B%E8%BD%BD
Title: https://www.bulbapp.com/u/脫稿玩家▷-線上看完整版-2021-电影在线-𝐇𝐃-观看和下载

Search URL Search Domain Scan URL

URL: https://www.bulbapp.com/u/%E8%84%AB%E7%A8%BF%E7%8E%A9%E5%AE%B6-free-guy-%E7%94%B5%E5%BD%B1%E5%AE%8C%E6%95%B4%E7%89%88-%E9%AB%98%E6%B8%85%E7%94%B5%E5%BD%B1-%E5%AE%8C%E6%95%B4%E7%89%88%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B-2021
Title: https://www.bulbapp.com/u/脫稿玩家-free-guy-电影完整版-高清电影-完整版在线观看-2021

Search URL Search Domain Scan URL

URL: https://lesflots-atlantique.fr/en/advert/%ef%bc%88%e9%a6%99%e6%b8%af%e7%94%b5%e5%bd%b1%e7%bd%91%ef%bc%89-%e6%80%92%e7%81%ab%c2%b7%e9%87%8d%e6%a1%88-2021-%e9%ab%98%e6%b8%85%e5%85%8d%e8%b4%b9-%e5%ae%8c%e6%95%b4%e7%89%88%e7%b7%9a%e4%b8%8a/
Title: https://lesflots-atlantique.fr/en/advert/（香港电影网）-怒火·重案-2021-高清免费-完整版線上/

Search URL Search Domain Scan URL

URL: https://lesflots-atlantique.fr/en/advert/%ef%bc%88%e9%a6%99%e6%b8%af%e7%94%b5%e5%bd%b1%e7%bd%91%ef%bc%89-%e8%84%ab%e7%a8%bf%e7%8e%a9%e5%ae%b6-2021-%e9%ab%98%e6%b8%85%e5%85%8d%e8%b4%b9-%e5%ae%8c%e6%95%b4%e7%89%88%e7%b7%9a%e4%b8%8a%e7%9c%8b/
Title: https://lesflots-atlantique.fr/en/advert/（香港电影网）-脫稿玩家-2021-高清免费-完整版線上看/

Search URL Search Domain Scan URL

URL: https://lesflots-atlantique.fr/en/advert/repelis-ver-free-guy-2021pelicula-completa-online-gratis-en-espanol-latino-3/
Title: https://lesflots-atlantique.fr/en/advert/repelis-ver-free-guy-2021pelicula-completa-online-gratis-en-espanol-latino-3/

Search URL Search Domain Scan URL

URL: https://calclub.com/advert/%e8%84%ab%e7%a8%bf%e7%8e%a9%e5%ae%b6-%e5%ae%8c%e6%95%b4%e7%89%88%e6%9c%ac-%e7%b7%9a%e4%b8%8a%e7%9c%8b%e7%94%b5%e5%bd%b1-%e5%ae%8c%e6%95%b4%e7%89%88%e5%9c%a8%e7%b7%9a%e5%b0%8f%e9%b4%a8hd2021/
Title: https://calclub.com/advert/脫稿玩家-完整版本-線上看电影-完整版在線小鴨hd2021/

Search URL Search Domain Scan URL

URL: https://socraticmed.net/groups/watch-here-suicide-squad-2-2021-full-movie-online-free-123movies/
Title: https://socraticmed.net/groups/watch-here-suicide-squad-2-2021-full-movie-online-free-123movies/

Search URL Search Domain Scan URL

URL: https://socraticmed.net/groups/123movies-watch-suicide-squad-2-2021-hd-online-full-free-download/
Title: https://socraticmed.net/groups/123movies-watch-suicide-squad-2-2021-hd-online-full-free-download/

Search URL Search Domain Scan URL

URL: https://socraticmed.net/groups/hdqputlocker-suicide-squad-2-2021-watch-full-movie-online-free/
Title: https://socraticmed.net/groups/hdqputlocker-suicide-squad-2-2021-watch-full-movie-online-free/

Search URL Search Domain Scan URL

URL: https://socraticmed.net/groups/123movies-official-suicide-squad-2-2021-watch-online-movie-full-free-sub-eng/
Title: https://socraticmed.net/groups/123movies-official-suicide-squad-2-2021-watch-online-movie-full-free-sub-eng/

Search URL Search Domain Scan URL

URL: https://www.hybrid-analysis.com/sample/19b3be5bb84376f44abbf05afa4035caa90fcf332dfe5e7de29eb87e1d8bbeba
Title: https://www.hybrid-analysis.com/sample/19b3be5bb84376f44abbf05afa4035caa90fcf332dfe5e7de29eb87e1d8bbeba

Search URL Search Domain Scan URL

URL: https://www.hybrid-analysis.com/sample/19b3be5bb84376f44abbf05afa4035caa90fcf332dfe5e7de29eb87e1d8bbeba/6118a0b9c1678d538e5d5572
Title: https://www.hybrid-analysis.com/sample/19b3be5bb84376f44abbf05afa4035caa90fcf332dfe5e7de29eb87e1d8bbeba/6118a0b9c1678d538e5d5572

Search URL Search Domain Scan URL

URL: http://www.easymarks.org/link/1036598/watch-your-favorite-movies-tv-movies-2021
Title: http://www.easymarks.org/link/1036598/watch-your-favorite-movies-tv-movies-2021

Search URL Search Domain Scan URL

URL: http://www.vibrantbuzz.com/article/1515593/watch-your-favorite-movies-tv-movies-2021-free
Title: http://www.vibrantbuzz.com/article/1515593/watch-your-favorite-movies-tv-movies-2021-free

Search URL Search Domain Scan URL

URL: http://www.vibrantbuzz.com/link/979585/https-twitter-com-duneespanol
Title: http://www.vibrantbuzz.com/link/979585/https-twitter-com-duneespanol

Search URL Search Domain Scan URL

URL: https://articlepedia.xyz/covid-19-in-australia-us/
Title: https://articlepedia.xyz/covid-19-in-australia-us/

Search URL Search Domain Scan URL

URL: https://articlepedia.xyz/watch-free-guy-2021-online-hd-ful-free-123movies/
Title: https://articlepedia.xyz/watch-free-guy-2021-online-hd-ful-free-123movies/

Search URL Search Domain Scan URL

URL: https://dcm.shivtr.com/forum_threads/3578502
Title: https://dcm.shivtr.com/forum_threads/3578502

Search URL Search Domain Scan URL

URL: https://ide.geeksforgeeks.org/YdlGpA0C9z
Title: https://ide.geeksforgeeks.org/YdlGpA0C9z

Search URL Search Domain Scan URL

URL: https://www.peeranswer.com/question/6118a3ac64d813fc5e971263
Title: https://www.peeranswer.com/question/6118a3ac64d813fc5e971263

Search URL Search Domain Scan URL

URL: https://paiza.io/projects/wsRBrTF0KQJUpbcKDMGlTA
Title: https://paiza.io/projects/wsRBrTF0KQJUpbcKDMGlTA

Search URL Search Domain Scan URL

URL: http://www.4mark.net/story/4272006/watch-your-favorite-movies-tv-movies-2021-free
Title: http://www.4mark.net/story/4272006/watch-your-favorite-movies-tv-movies-2021-free

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164920/i/57333099/0/pp/1/1?h=vN0NeaO0MK7ZgmqzYWt3o07KCz3iuNnPJP2Dm4XQY9p13DYGaEzPo33EargwWend&rid=365df27a-fd91-11eb-bcff-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164890/i/57333099/0/pp/2/1?h=vN0NeaO0MK7ZgmqzYWt3o55bwzkoINRwtxlCHjU7oPjMp7CA4KN_ZD6kHRmKbi_m&rid=365df27a-fd91-11eb-bcff-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164912/i/57333099/0/pp/3/1?h=vN0NeaO0MK7ZgmqzYWt3o0gvkr7KUFjmTgE9tKV5B26aiWuvz67b0uWQ2T2DPFqY&rid=365df27a-fd91-11eb-bcff-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193533/i/57333099/0/pp/4/1?h=vN0NeaO0MK7ZgmqzYWt3o_hIai9B0Z05PXMU1ZP5JqIrDAUNwZ5qGLiDZBSjr27J&rid=365df27a-fd91-11eb-bcff-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193492/i/57333099/0/pp/1/1?h=vN0NeaO0MK7ZgmqzYWt3o5QaADgCoe0c45hXKwOMEs3RJzY3tNlZobXT2BjMevsK&rid=365cfa30-fd91-11eb-9122-2cea7f875b01&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164888/i/57333099/0/pp/2/1?h=vN0NeaO0MK7ZgmqzYWt3o2fxIohKgTQapH5U-J0tRKxH-8BKSCXhWThbw_BB0o2X&rid=365cfa30-fd91-11eb-9122-2cea7f875b01&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164883/i/57333099/0/pp/3/1?h=vN0NeaO0MK7ZgmqzYWt3o09f3wghoXbn9g3DfseEzMrv6dJNu9VO_4ujzkGa4kGu&rid=365cfa30-fd91-11eb-9122-2cea7f875b01&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193501/i/57333099/0/pp/4/1?h=vN0NeaO0MK7ZgmqzYWt3o8u-wr3N0OJa-ePEtiJm6E81iwgVvKLD2UtInJFuOKxW&rid=365cfa30-fd91-11eb-9122-2cea7f875b01&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 111

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1629008569139&ns_c=UTF-8&cv=3.5&c8=NETFLIX.US%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629008569139&ns_c=UTF-8&cv=3.5&c8=NETFLIX.US%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&c9=

Request Chain 112

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 114

https://x.bidswitch.net/sync?dsp_id=303&user_id=l7eMR7Hsb3mn HTTP 302
https://mp.4dex.io/setuid?bidder=bidswitch&uid=e931e311-4a2d-47f6-a0d4-0fd572f1a439&gdpr=&gdpr_consent=&us_privacy=

Request Chain 116

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=9aafbfb9-38d5-45e5-9824-c2a7b4ca46cb&ttl=1631600569

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDdlTVI3SHNiM21u&muidn=l7eMR7Hsb3mn HTTP 302
https://cm.mgid.com/google?muidn=l7eMR7Hsb3mn&google_ula={guid},5&google_gid=CAESEM4y7YAvuZk4acQ9YWudin8&google_cver=1

Request Chain 118

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l7eMR7Hsb3mn HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

Request Chain 120

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=e931e311-4a2d-47f6-a0d4-0fd572f1a439 HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=e931e311-4a2d-47f6-a0d4-0fd572f1a439 HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=14c29dae-4e1e-402a-bf7a-2e2f4995a99e&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=e931e311-4a2d-47f6-a0d4-0fd572f1a439&gdpr=&gdpr_consent=&us_privacy=

Request Chain 121

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=IvnUvsSeGmP6xkSwsduf&pi=mgid&tc=1

Request Chain 122

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=2a794492a80cb74e

133 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 4ieUaxeb1e Show response
paste.co.id/ 85 KB
25 KB 3306ms
3170ms Document
text/html 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/4ieUaxeb1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 809022428e66e3e7b63dba7680b328ddbedd4941a02a8ce0cbe02982e57fbe38

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /4ieUaxeb1e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
set-cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; expires=Sun, 15-Aug-2021 08:22:47 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9; expires=Sun, 15-Aug-2021 08:22:47 GMT; Max-Age=7200; path=/; httponly
content-encoding: gzip
vary: Accept-Encoding
date: Sun, 15 Aug 2021 06:22:47 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 14ms
12ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 901201
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 40b2c5e257c44c41b18e54bb6d5c182e
cf-ray: 67f05498a86f4a79-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 bootstrap.min.css
paste.co.id/css/ 138 KB
18 KB 179ms
66ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/4ieUaxeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "22688-5be452f6-4a15aa;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 18560
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H3-29 200 mdb.min.css
paste.co.id/css/ 226 KB
22 KB 168ms
55ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

:path: /css/mdb.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/4ieUaxeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "38940-5be452f6-4a15a9;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22616
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H3-29 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 12ms
11ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 281904
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1624
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IGyJUATzYZnuvtu6%2BieH909D4z%2B3D6f51GlLYsP%2FkZOwVNO%2FUXO75%2FiRAJwy%2BZo3xkIrc0M9i1ux%2FoKdYKj7f%2BwV2rFyaCzKIZ2%2FqbQJ2kzvFXU7FXf7B9nivuPy0S9njOD1obqwL%2B%2BsYuQYh8zPGZw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67f05498aee83260-FRA
expires: Fri, 05 Aug 2022 06:22:47 GMT

GET
H3-29 200 special.min.css
paste.co.id/css/skins/ 3 KB
845 B 176ms
63ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/skins/special.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Request headers

:path: /css/skins/special.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/4ieUaxeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
last-modified: Wed, 24 Apr 2019 12:08:22 GMT
server: LiteSpeed
etag: "bab-5cc051b6-5052d5;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 778
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H3-29 200 app.min.css
paste.co.id/css/ 648 B
288 B 223ms
111ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/app.min.css?v=1.2
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

:path: /css/app.min.css?v=1.2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/4ieUaxeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
last-modified: Fri, 05 Jun 2020 17:06:52 GMT
server: LiteSpeed
etag: "288-5eda7bac-4a15ad;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 222
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H3-29 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
3 KB 172ms
60ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

:path: /plugins/prismjs/prism-okadia.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/4ieUaxeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:43:52 GMT
server: LiteSpeed
etag: "326d-5c50d728-4c4795;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3354
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba45b9535d8b81f446e72a0f37425bb253fe5a084d71d58830fb19f48d3f3529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49910
x-xss-protection: 0
server: cafe
etag: 16784155829801746734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 06:22:47 GMT

GET
H2 200 3509488 Show response
inpagepush.com/400/ 83 KB
30 KB 205ms
87ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3509488

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

28c39ef80bcd100fa6fee14c01dfb0853c6de4dfff7bb58b6d8006a79afc1fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 42d172341c6f9dd8d94fe47c522e6c49
pragma: no-cache
date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 ntfc.php Show response
seeptoag.net/ 15 KB
6 KB 169ms
53ms Script
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/ntfc.php?p=3534037
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: aa7b6d5b770a73bfa79bb530f6549221a559d0e366daa55005255ec66ae752db

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:13:56 GMT
server: nginx
etag: W/"61127b94-3b23"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3-29 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 118ms
116ms Image
image/png 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/img/default-avatar.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

:path: /img/default-avatar.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/4ieUaxeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
last-modified: Wed, 28 Nov 2018 16:58:44 GMT
server: LiteSpeed
etag: "1b2d-5bfec944-90052b;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6957
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H2 200 paste.co.id.997452.js Show response
jsc.mgid.com/p/a/ 2 KB
1 KB 178ms
62ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dfc258187db25a77b8760110cb1dfbd9b13ed139c27b66ea7aa7fffb6055476

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 1655
last-modified: Wed, 11 Aug 2021 13:01:06 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: ZM96RGWWFEMTCVM0
x-amz-id-2: f1RU5sYG6aTXJIRqOSOMw07h0oq770H1eGF8mHreUX85FMEEJkQm4l7ivq04a1wcHUg+YGpoSHA=
cf-bgj: minify
server: cloudflare
etag: W/"eed0b2793fc1188a769da05ae05f7063"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 67f0549b38f14242-AMS
expires: Sun, 15 Aug 2021 09:22:47 GMT

GET
H/1.1 403
Forbidden /
www.qrcoder.co.uk/api/v1/ 0
0 254ms
60ms Image
text/html 109.203.125.88
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 109.203.125.88 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS: euk-88894.eukservers.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
28 KB 15ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 453544
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27433
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJuaczuUQ3PBEpDD9LeOgQaVEgxv7fgjIfncc2V1TD%2BELJVn%2Bte2kAfWX3z46oQ1%2BWMn%2B9Gh%2BAf5io9RndwuKt%2FbRFZJ0BDolOlV%2F9k3SWolNmQxIr%2Bw%2FftHni2JDKmAstvHqKF5e87oX1jJP%2BITOqW0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67f05499c8a43260-FRA
expires: Fri, 05 Aug 2022 06:22:47 GMT

GET
H3-29 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 55ms
55ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/4ieUaxeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c75f-5be452f6-4418f5;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13341
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H3-29 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
59 KB 55ms
54ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

:path: /js/mdb.min.js?v=2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/4ieUaxeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:15:46 GMT
server: LiteSpeed
etag: "331d6-5c50d092-441907;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 60235
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H3-29 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
16 KB 18ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 595349
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15668
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQ8yPbGEmwtTNZh%2BR7fjiZUJSNhUpGf5WTMZoFiiAZarrnjdW7sI9lnavjnrlfR1v9GkxYToOnEQxO6MfSYNudlqRHHdm0Y8bkuZQ7wRQ2CC5Rq288OlaEzu%2Fd2P9ripRkb%2BwsgHUMUyjgpyJdsNJaf4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67f0549a59693260-FRA
expires: Fri, 05 Aug 2022 06:22:47 GMT

GET
H3-29 200 ads.js Show response
paste.co.id/js/ 22 B
85 B 75ms
72ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/ads.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/4ieUaxeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
last-modified: Sat, 14 Mar 2020 00:25:06 GMT
server: LiteSpeed
etag: "16-5e6c2462-441908;;;"
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H3-29 200 app.min.js Show response
paste.co.id/js/ 1 KB
710 B 75ms
72ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/app.min.js?v=1.5
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

:path: /js/app.min.js?v=1.5
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/4ieUaxeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
last-modified: Sat, 14 Mar 2020 00:34:12 GMT
server: LiteSpeed
etag: "5b0-5e6c2684-4418f7;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 643
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H3-29 200 prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
112 KB 75ms
72ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

:path: /plugins/prismjs/prism.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/4ieUaxeb1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
last-modified: Sat, 24 Nov 2018 17:17:38 GMT
server: LiteSpeed
etag: "521a1-5bf987b2-4c4790;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 114523
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 33ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ce9e33f409f56f7fc176cb0911ed6eb50a2490f378f8300d3bc6131f366c579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40909
x-xss-protection: 0
last-modified: Sun, 15 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 15 Aug 2021 06:22:47 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 59 KB
21 KB 46ms
20ms Script
text/javascript 2606:4700:20::ac43:4b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d155915dc255556fb696d51d847d0070941c6fc2f9ce03d869681b30b9222b24

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 66533
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-trace-id: 2aed6761df0eae0954fad2ea08fc66f8
pragma: no-cache
last-modified: Fri, 13 Aug 2021 11:25:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecfuhts9VD9HygzBTaEEs7JOSASNh%2FG5YXuV96lpp8urXX2%2By9w7z%2FwmgFcB8%2Blh9scTzK2jJyv1250%2BhCJoXTQQQ%2FREdSi7qddivq5OtMAWlAqMvmXoPzZpVcsQz3L3sNPhieMKDaa82hM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 67f0549a7ad9d6b1-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Sun, 15 Aug 2021 11:53:53 GMT

GET
H3-29 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 66ms
65ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
:path: /font/roboto/Roboto-Light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c0e4-5be452f6-900467;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49380
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 23ms
14ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://paste.co.id
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617
age: 2438709
cdn-cachedat: 2021-06-08 21:27:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: cdafe510690689dc875ca0596a5bcb9b
accept-ranges: bytes
cf-ray: 67f0549a6d424ea3-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 134ms
134ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
:path: /font/roboto/Roboto-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c054-5be452f6-900463;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49236
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H3-29 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 57ms
56ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
:path: /font/roboto/Roboto-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c338-5be452f6-900465;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49976
expires: Sun, 22 Aug 2021 06:22:47 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
93 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4712388827405335&plah=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95570
x-xss-protection: 0
server: cafe
etag: 10066065015092213272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 06:22:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 0655 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210809/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk4pp-VdGn9b2Cjw4kuE6_jyW9tGjyVGn3-LvLXfMpB-a5-RLyCxQnv8E3TjA0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 14 Aug 2021 22:05:12 GMT
expires: Sat, 28 Aug 2021 22:05:12 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 29855
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
bedrapiona.com/5/3724584/ 3 KB
2 KB 168ms
55ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3724584/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 037843c170a4523394cce5f5e73d6f5769d7de9924c6e99f1c919d9c2b024e98

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 5473550a1045598d5af46c7eabedcbf0
pragma: no-cache, no-cache
date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://paste.co.id
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
259 B 63ms
63ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=paste.co.id&callback=_gfp_s_&client=ca-pub-4712388827405335

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4712388827405335&plah=paste.co.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

65f4906220b08ddec4711c05713e3cc864bd1e29090b662be92f4f4cf12763c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AED9 11 KB
5 KB 98ms
97ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1629008567&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008567504&bpp=4&bdt=363&idt=88&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7814829944796&frm=20&pv=2&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9790a962223dc4cd242a9c20d96356c9e0589fbf861ad7349a4aa664e52ff42c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1629008567&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008567504&bpp=4&bdt=363&idt=88&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7814829944796&frm=20&pv=2&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk4pp-VdGn9b2Cjw4kuE6_jyW9tGjyVGn3-LvLXfMpB-a5-RLyCxQnv8E3TjA0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 15 Aug 2021 06:22:47 GMT
server: cafe
content-length: 4590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854342869989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Sun, 15 Aug 2021 06:22:47 GMT

GET
H3-29 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
4 KB 13ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 289016
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2905
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJEP7aGFOuhzjsf7NqFtK6xZwK9MHOMtHLkeG2k26ST7%2BoB65Vb0NzR7QYdON%2BV%2Bv6tRceX3aUEsr4nEsP8c2%2BF7gFirHdqlEn1CM6UbqXf4tGx162Xj3Kkt4%2B13TyEiktrHl%2FDCe3oaoRdB14XpDcbM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67f0549d4d453260-FRA
expires: Fri, 05 Aug 2022 06:22:47 GMT

GET
H2 200 3724582 Show response
dozubatan.com/400/ 83 KB
30 KB 209ms
88ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/400/3724582

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9815df3f855ca2ad9a5ede72ef0ae009333d1c35b13bf54d76d497040237a6ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 45096e99db93f1e431ad935afce916b9
pragma: no-cache
date: Sun, 15 Aug 2021 06:22:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 tag.min.js Show response
pseepsie.com/pfe/current/ 15 KB
6 KB 177ms
56ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3ccbdd96d449ac73068148c6aee1355929c04a639071892b79a98ea8f710b49b

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:43 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:13:52 GMT
server: nginx
etag: W/"61127b90-3bfd"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 1 Show response
toglooman.com/ 7 KB
4 KB 167ms
54ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=3724583
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 892809346f39c64787b639d62029c1e8b582c18a80557dada858eedc5dfb4683

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: gzip
x-sc: IMmc4yTEv9nWgadkAMmc2iSyzuVqMBHd63rDwaxeIZC19IV3FNohXwpukXFrlj8sTAq4mSKQUXzM5OsEQylnPfsRH7k=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 97AE 203 B
833 B 230ms
116ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=34d87b5aae4f48b7908e409265606345&oaidts=1629008567

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1625bcb3433fa41c25a9662ce2a69dbf859b9a6b019ef4e919cc2055108fe2e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=34d87b5aae4f48b7908e409265606345&oaidts=1629008567
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

server: nginx
date: Sun, 15 Aug 2021 06:22:48 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: 3d9dd532688aa60089894c486df0735a
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=34d87b5aae4f48b7908e409265606345; expires=Mon, 15 Aug 2022 06:22:48 GMT; path=/; secure; SameSite=None oaidts=1629008567; expires=Mon, 15 Aug 2022 06:22:48 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

POST
H3-29 200 get-paste Show response
paste.co.id/ 8 KB
9 KB 1680ms
1679ms XHR
application/json 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/get-paste
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2eae738f747093b2a339cf4d08736b86302b5e32e53510576ccb5447a4807d4a

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: XSRF-TOKEN=eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D; pasteshr_session=eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9; __PPU_BACKCLCK_3724584=true
content-length: 63
:path: /get-paste
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/4ieUaxeb1e
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://paste.co.id/4ieUaxeb1e
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
server: LiteSpeed
x-ratelimit-remaining: 58
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
set-cookie: XSRF-TOKEN=eyJpdiI6IkR2eDZub0p0UFhaNG95dmJNTUhuTUE9PSIsInZhbHVlIjoiRURqNHRMMnQzUnlxNmd6TFhHTEd0WXpSY0ZsN0RwdHdBeDZiWHlGRFhpdTRhVEtMQnpyOE5kdVBxRHJvaUo4WSIsIm1hYyI6ImFiODA2M2VlOWUzNDZlMjQ4MWM0N2EzNTkzYmM1YmY2OGM4NzUzMjU0ZjUyZTgwZGEyOGExODYzNTExZDg3NzMifQ%3D%3D; expires=Sun, 15-Aug-2021 08:22:49 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6Iklvb2hRcXNpb0ZIWnp0UHJyNWN5ZlE9PSIsInZhbHVlIjoiNG5rVG9FaE1uR1VncUFuRUNsZkpcL0ZtQXJQOXVHNWhxNTZGak9Uakl6T3JCSXRYd2VDRmp2YmJwSkp3eWlVUGEiLCJtYWMiOiJiN2ZlNDdlNDA2ODJhNjNmYzQ2Yjk5OWU1ZTMyMjg4MTNjZmE3MzExM2U5NGI0MTIxZWE0ODc4NDIwZmM5ZDRlIn0%3D; expires=Sun, 15-Aug-2021 08:22:49 GMT; Max-Age=7200; path=/; httponly
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 zone Show response
seeptoag.net/ 696 B
980 B 54ms
53ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

05aac4daed2f382b848ccb60a6d71e5aca949cd9f9c8a45dedb8c92123dc073c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: e64c652ba89c55513f6da5f9aa64bfe0
date: Sun, 15 Aug 2021 06:22:47 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 696

GET
H2 200 universal.min.js Show response
seeptoag.net/pfe/current/ 106 KB
38 KB 177ms
64ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/universal.min.js?v=3.1.309
Requested by: Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 35751fd45cc96fc57e090b12cb1e4be8c29c99c930cc679874c6a9009c64b2f1

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:13:56 GMT
server: nginx
etag: W/"61127b94-1a71b"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2603fd21cab12d15dc63ad9db6368d6874de54d5f15bf90191d1fcdbe05b978d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40929
x-xss-protection: 0
last-modified: Sun, 15 Aug 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 15 Aug 2021 06:22:47 GMT

GET
H3-29 200 paste.co.id.997452.es6.js Show response
jsc.mgid.com/p/a/ 229 KB
64 KB 141ms
69ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367ea4a2337e669a6eeec1f614332c274bb6bb42706d0676516bd43c0c4ac0f5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 1655
last-modified: Wed, 11 Aug 2021 13:01:06 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 11CXMGF7BE7R9ZHG
x-amz-id-2: 0xtPTgHB/wHf9660SoPT9OcVmUVdP/+9OORXAJzMN5U27Od/cKGF1hocDsjfVQ16q1bVKjvb96o=
cf-bgj: minify
server: cloudflare
etag: W/"66d496ae6cda6046a274cae77419fd34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 67f0549e3d884c55-AMS
expires: Sun, 15 Aug 2021 09:22:48 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 64F7 436 B
232 B 72ms
71ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1629008568&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008568047&bpp=3&bdt=906&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c9c1b0639c58d24-22b58ae4abc9006c%3AT%3D1629008567%3ART%3D1629008567%3AS%3DALNI_MYGv-J38OpAk9gfK_3xPjiNRS6hvg&prev_fmts=0x0&nras=2&correlator=7814829944796&frm=20&pv=1&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1EQgetdVFN&p=https%3A//paste.co.id&dtd=12

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a386063aa65786c63bd34620a5c41db370aac4f41da95196435b67f79505f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1629008568&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008568047&bpp=3&bdt=906&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c9c1b0639c58d24-22b58ae4abc9006c%3AT%3D1629008567%3ART%3D1629008567%3AS%3DALNI_MYGv-J38OpAk9gfK_3xPjiNRS6hvg&prev_fmts=0x0&nras=2&correlator=7814829944796&frm=20&pv=1&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1381&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1EQgetdVFN&p=https%3A//paste.co.id&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk4pp-VdGn9b2Cjw4kuE6_jyW9tGjyVGn3-LvLXfMpB-a5-RLyCxQnv8E3TjA0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 15 Aug 2021 06:22:48 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3E6 436 B
231 B 77ms
77ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1629008568&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008568047&bpp=1&bdt=905&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c9c1b0639c58d24-22b58ae4abc9006c%3AT%3D1629008567%3ART%3D1629008567%3AS%3DALNI_MYGv-J38OpAk9gfK_3xPjiNRS6hvg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7814829944796&frm=20&pv=1&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=mFiI9C6kyE&p=https%3A//paste.co.id&dtd=17

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06e2b53476f3d29ccba94a06f1b4f1759a6884fa64accac8d98d1c6c32ea2e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1629008568&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008568047&bpp=1&bdt=905&idt=-M&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c9c1b0639c58d24-22b58ae4abc9006c%3AT%3D1629008567%3ART%3D1629008567%3AS%3DALNI_MYGv-J38OpAk9gfK_3xPjiNRS6hvg&prev_fmts=0x0%2C1200x280&nras=3&correlator=7814829944796&frm=20&pv=1&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1705&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=mFiI9C6kyE&p=https%3A//paste.co.id&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk4pp-VdGn9b2Cjw4kuE6_jyW9tGjyVGn3-LvLXfMpB-a5-RLyCxQnv8E3TjA0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 15 Aug 2021 06:22:48 GMT
server: cafe
content-length: 211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6AF1 436 B
233 B 85ms
84ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1629008568&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008568047&bpp=1&bdt=906&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c9c1b0639c58d24-22b58ae4abc9006c%3AT%3D1629008567%3ART%3D1629008567%3AS%3DALNI_MYGv-J38OpAk9gfK_3xPjiNRS6hvg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7814829944796&frm=20&pv=1&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=aTaKIYrspz&p=https%3A//paste.co.id&dtd=20

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1dac04b01c214f149c0bc46bb191036f3d7c0552daae90c2f53d0b1e818d21d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1629008568&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629008568047&bpp=1&bdt=906&idt=1&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1c9c1b0639c58d24-22b58ae4abc9006c%3AT%3D1629008567%3ART%3D1629008567%3AS%3DALNI_MYGv-J38OpAk9gfK_3xPjiNRS6hvg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7814829944796&frm=20&pv=1&ga_vid=1827750385.1629008568&ga_sid=1629008568&ga_hid=185098454&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2181&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C31060566%2C20211866%2C31062297&oid=3&pvsid=1555805492747483&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=aTaKIYrspz&p=https%3A//paste.co.id&dtd=20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk4pp-VdGn9b2Cjw4kuE6_jyW9tGjyVGn3-LvLXfMpB-a5-RLyCxQnv8E3TjA0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 15 Aug 2021 06:22:48 GMT
server: cafe
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4147
date: Sun, 15 Aug 2021 05:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sun, 15 Aug 2021 07:13:41 GMT

GET
H2 200 e7a959b3ff1528f9d4a38ed63f661a7b Show response
toglooman.com/27/ 362 KB
119 KB 82ms
82ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/e7a959b3ff1528f9d4a38ed63f661a7b

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=3724583

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

18da111eb5ece7a9f442894197a95bdc0fe92c7327fcb5a1b4451ed615f9f70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 30 Jul 2021 07:48:38 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Fri, 29 Aug 2081 07:48:38 GMT

GET
H2 200 38 Show response
toglooman.com/42/ 0
495 B 143ms
142ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=3724583
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=3724583
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 zone Show response
pseepsie.com/ 665 B
949 B 58ms
57ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/zone?pub=0&zone_id=4022315&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ab8f37f741cf32cd630a5c5a074982b5687c96f14705d01b3fb6abd764ca5704

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 8774a2a41c9791b3487262bb40292c5a
date: Sun, 15 Aug 2021 06:22:43 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 665

GET
H2 200 universal.min.js Show response
pseepsie.com/pfe/current/ 106 KB
38 KB 177ms
65ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/universal.min.js?v=3.1.309
Requested by: Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 35751fd45cc96fc57e090b12cb1e4be8c29c99c930cc679874c6a9009c64b2f1

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:13:56 GMT
server: nginx
etag: W/"61127b94-1a71b"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=185098454&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&ul=en-us&de=UTF-8&dt=NETFLIX.US%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=535186985&gjid=1644156385&cid=1827750385.1629008568&tid=UA-137362802-1&_gid=223466922.1629008568&_r=1&gtm=2ou8b0&z=1922921911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=185098454&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&ul=en-us&de=UTF-8&dt=NETFLIX.US%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=1676008010&gjid=1013275122&cid=1827750385.1629008568&tid=UA-174907544-1&_gid=223466922.1629008568&_r=1&gtm=2ou8b0&z=1187759598

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-137362802-1&cid=1827750385.1629008568&jid=535186985&gjid=1644156385&_gid=223466922.1629008568&_u=YAhAAUAAAAAAAC~&z=1622820157

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 15 Aug 2021 06:22:48 GMT
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
111 B 17ms
16ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-137362802-1&cid=1827750385.1629008568&jid=535186985&_u=YAhAAUAAAAAAAC~&z=651491151

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-137362802-1&cid=1827750385.1629008568&jid=535186985&_u=YAhAAUAAAAAAAC~&z=651491151

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 175ms
59ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0f6a786478d82fb0747ea4be72cb7140198d3042cd48bf1a1c69d9de8a3b1721

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 img.gif
my.rtmark.net/ Frame 97AE 43 B
491 B 131ms
59ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=34d87b5aae4f48b7908e409265606345

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=34d87b5aae4f48b7908e409265606345&oaidts=1629008567

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
34 KB 38ms
14ms Script
application/javascript 2606:4700:20::681a:87b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/e7a959b3ff1528f9d4a38ed63f661a7b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:87b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 5959
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doEtCfx7%2B4q8y4y%2FaA1xkWp0KtzRM6LNmyJf2EO%2BBTLW4sUnc0pSt0%2Byefz%2B%2BYadwKP5X8dmvTfp442R8idC0OQ2PD3SQAnoU0uUGfJISlJila2%2F69uFHxccvYLrp6ijr0AGFbSZFtYu08Tob2aZgaY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67f054a00d054a5c-FRA

POST
H2 204 9 Show response
toglooman.com/ 0
506 B 55ms
55ms XHR
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&sah=1200&drf=&hil=2&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/e7a959b3ff1528f9d4a38ed63f661a7b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 217ms
56ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&sah=1200&drf=&hil=2&ist=0
Protocol: H2
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 15 Aug 2021 06:22:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://paste.co.id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 59ms
58ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 15 Aug 2021 06:22:48 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 55ms
53ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: c97c3b40c362241a001e613d6383f5af
date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 59ms
59ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=d45e6247f21f4583bf2d8bdd8ad7f428&zoneId=3534037&checkDuplicate=true&ymid=&var=

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2d8d454f48d0f9a93a7cafe7de7313ee18873ebdd6293db800c3b85c697ccf2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3-29 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 15ms
14ms Image
image/png 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Sun, 15 Aug 2021 06:22:48 GMT

GET
H3-29 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 16ms
14ms Image
image/png 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Sun, 15 Aug 2021 06:22:48 GMT

GET
H3-29 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 17ms
16ms Image
image/png 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Sun, 15 Aug 2021 06:22:48 GMT

GET
H3-29 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 16ms
15ms Image
image/png 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Sun, 15 Aug 2021 06:22:48 GMT

GET
H3-29 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 16ms
16ms Image
image/png 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Sun, 15 Aug 2021 06:22:48 GMT

GET
H2 200 3509488 Show response
inpagepush.com/500/ 4 KB
2 KB 62ms
62ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=&oaid=4ca996ee02854a06b3a6016228c81388&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e1b6ef9150f5c24f7cee453563b768021e71631942c38864496162c14cef0e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 66a6946d73c8a5e9d013f40eb058bd2f
pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 160ms
52ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 15 Aug 2021 06:22:47 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 defaultSkin.min.js Show response
seeptoag.net/pfe/current/ 56 KB
19 KB 67ms
67ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:13:56 GMT
server: nginx
etag: W/"61127b94-df63"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 57ms
57ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 15 Aug 2021 06:22:48 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba45b9535d8b81f446e72a0f37425bb253fe5a084d71d58830fb19f48d3f3529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49910
x-xss-protection: 0
server: cafe
etag: 16784155829801746734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 06:22:48 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8f2d5fcc19c20f7d74b6717348dc6491901cc8bc62b121607d79d1e49c3b9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8560
x-xss-protection: 0

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 53ms
53ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 9f9f42f9c1f89c3e3e5560f534bbd057
date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 15 Aug 2021 06:22:48 GMT

GET
DATA 200
OK truncated
/ Frame 04EB 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 56ms
56ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 15 Aug 2021 06:22:48 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 53ms
53ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/4ieUaxeb1e

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: df5521ff7c1b808a06052f103f833697
date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6DAB 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 14 Aug 2021 22:53:34 GMT
expires: Sun, 14 Aug 2022 22:53:34 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 26954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4D03 783 B
532 B 18ms
18ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

54bb0f0d91ef1fda384317352da6d7a7035fa12c2f4886984223d6a7b8f9a298

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lbtXND1FsU8u1OfREN9MAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

expires: Sun, 15 Aug 2021 06:22:48 GMT
date: Sun, 15 Aug 2021 06:22:48 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-lbtXND1FsU8u1OfREN9MAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DAB 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gNlTKBZ5R8AAOiwGb4ScEkJ-hJdRSD5i8Nb9VbYnj7U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 05:28:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 05:28:24 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
281 B 123ms
115ms Script
text/plain 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1629008568536350415720&uniqId=00dd0&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&lu=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&sessionId=6118b2b9-12499&pageView=1&pvid=17b487a20d8a3791311&site=414527&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054a19e994242-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 64ms
62ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 1076
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 26D5PESFJ3W3C6DA
x-amz-id-2: eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67f054a1deee4242-AMS
expires: Mon, 16 Aug 2021 06:22:48 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
904 B 62ms
61ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 2760
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67f054a1deec4242-AMS
expires: Mon, 16 Aug 2021 06:22:48 GMT

GET
H/1.1 200
OK 0987259079146.png
static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/ 3 KB
4 KB 233ms
56ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 15 Aug 2021 06:22:48 GMT
Last-Modified: Thu, 15 Oct 2020 16:08:39 GMT
Server: nginx
ETag: "5f887407-c2f"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3119

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
28ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=1555805492747483&bg=!-Pul-7_NAAbOj6irzo87ACkAdvg8WnHma4XTpJuDBF-QmOq-3l5ynb0ln4rKOuO3fx1ZyFgo11XBtAIAAACVUgAAAApoAQcKAMyBErK3KOSMQBCR_jsopjMJF7GefkKEpMXA9063WoFrMc6kECqmHXA59E2VYdqCe80gAnSTeG7hvAs_TxApPaBLcChYk9XXDLKeC0x7TkXTn8sYWdqs3kAotw6ywJhGV2bqYzoJiplX-P13UbdXXQlPNJJ9-DbchBK4Ik-3qlQt9QpkBCy9VobGzzF20ocGknFBQBiBthgbdB8uCTVBGQJDZDMGV0YNMnA8NOo-zWmdPtpGsvxa_Sh09Vfc1HRlVudK221yat5AxJGNe6uZAmznmCfO3S12frE-XL7Fs7UEjey_S9hNTEisksy1QfBtxXGHZ-SUJDNVgjipJfvYp1FX6CxJvzkiDtQ1VQAZBZdYMx3NpXyljsqrUMhwWRPeRTqml7tty2FwGpNVGd4SZzk-cWS4zewBC0aYo9WuvM6wtnS6Y_WIpHS1T2yf2DfAukBbdZXaZzHT81NbO3mSq7tSHHXn2wrtmHG06v1oncmOEruyWWARHvSijNT9381xVhrdb8LF5pqALypo9oRdgbun-zEYU85K-LwG8axkMQM4awxhoI7Ztrv1pAv-nUOcFEJ4k9EZe8rjMYORRkXBzKB5DKNnM-J8yLNJg3bpv6gYP7mCcTxwswp3D6XWz0hYe1ruBN0QZ_M5-dq-5uR3wz0BTBYVz6LrmU6ERjXeqe1ckXc92ar_qux3-v-MO4VPFsSkd_xkwenmD2LRMtmgJPnHJeDtgCqxaW-L7MRSbg6HWefxbSS9gb6gtzoIl9sV1IeH5M8biK7hS7i_AuJlj4tIJ5nCYVVPCvbvuFue5ukuCxvFNXs7-Gk-sZE4_O5UcMTMe3_MdnIk8HkfQ-gTgPrbJRTG1SQbdNiQYpH3-iHDADlil_2EsPXT6_uPYV9cnj5wZ-XGO4aEgYIkRiQ4PUT7-XKgs-EKYkkTCIZ1zz-jXwN7QRWzQw2hB-8UAZqLTYYCcWJVoPW5oLogA0vo_NxnxbcTAGUUDz4n2OgjQM8Owh3uiNuIuA07LtQKmWoCHzXiwW6V6s3pZA_OByDdUqjVZ8fUHFRIYkWBBlZvd58zgnrJmKTjqw6GcxFNecmUaDsOxz2uRQYLOw2sDQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 109ms
106ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?pv=5&cbuster=1629008568854515612486&uniqId=00dd0&niet=4g&nisd=false&jsv=es6&w=840&h=249&p3_w=201&p3_h=203&maxw_3=201&maxh_3=203&cols=4&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&lu=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&sessionId=6118b2b9-12499&pageView=1&pvid=17b487a20d8a3791311&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5352a55960f1a7cfd65755494826c383ffa2d218c7dd5fc12c97d068fe217c

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054a388874242-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 114ms
113ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=249&p3_w=201&p3_h=203&maxw_3=201&maxh_3=203&cols=4&pv=5&cbuster=162900856885445651984&uniqId=03899&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&lu=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&sessionId=6118b2b9-12499&pageView=0&pvid=17b487a20d8a3791311&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c83e2f82550ff4c8374b20c37551fb72a430f4a27405c54dcce727785c443ca

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054a388884242-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 108ms
107ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=255&h=441&p3_w=90&p3_h=177&maxw_3=90&maxh_3=177&cols=2&pv=5&cbuster=1629008568854219633710&uniqId=115d0&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&lu=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&sessionId=6118b2b9-12499&pageView=0&pvid=17b487a20d8a3791311&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bef4e4346c2bfdd0f1cb7be5e922acf490b850eefe84672014125e2be79b042

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054a388894242-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 69ms
69ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
content-encoding: br
cf-cache-status: HIT
age: 1077
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 26D5PESFJ3W3C6DA
x-amz-id-2: eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67f054a44bf84c55-AMS
expires: Mon, 16 Aug 2021 06:22:49 GMT

GET
H3-29 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 70ms
69ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
content-encoding: br
cf-cache-status: HIT
age: 2761
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67f054a44bfa4c55-AMS
expires: Mon, 16 Aug 2021 06:22:49 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzN...
s-img.mgid.com/g/8164852/492x328/-/ 22 KB
22 KB 260ms
142ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164852/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzNTQ3ZDA4ODNmMWMyYmJkOC5qcGc.webp?v=1629008568-tjgqq1-_QxaislTm6mBQbjdk9ycDitfMXT1sLQ9jODo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f24df750dbf6833dcce069a043790635ecb6f58c6b3ee581f8ef8b0cbb7526bc

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:37:56 GMT
x-mg-request-uuid: 1a0a91cb-5645-4b7d-bdfc-576f1395e806
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a4faa000fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22402
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp
s-img.mgid.com/g/8164860/492x328/0x0x831x554/ 9 KB
10 KB 191ms
73ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164860/492x328/0x0x831x554/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2QyYzViNjdkODVlNDE3ZDM0YWVmN2Q3YjhiZGEwZmJjLmpwZWc.webp?v=1629008568-F_Atsp0MEss4tuiR88qRF_vs4efkGAZhiM0zhiGV1I4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89e8c9f38453550ebee24fafe934daad8cc913a3e55b941db1b72a97b49554ac

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:38:16 GMT
x-mg-request-uuid: 0409bb0f-2eb0-4e40-8ef3-fd3a4ef6b01d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a4fa9d00fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9726
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp
s-img.mgid.com/g/8164845/492x328/0x0x1083x722/ 24 KB
25 KB 295ms
177ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164845/492x328/0x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp?v=1629008568--nIp8ayA532HfsEax2UrQSZMHCTZ1qkhiKIHNHJ60Lo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71f4b05dbf75a7e80faa7bf2c09428d1089d1ca8bb390a188c008c876bcabe2d

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 11:33:58 GMT
x-mg-request-uuid: cfc75c73-aa32-478d-bb4a-34fddc6bde71
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a4fa9e00fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24792
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.mgid.com/g/8164865/492x328/0x0x900x600/ 21 KB
22 KB 261ms
144ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1629008568-kxB6HqQ2FRAHU79yUWr3KEo9IbC7DIA-h3Q4PCmeqcc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:33:59 GMT
x-mg-request-uuid: e68afe8e-260d-43cf-9239-330cd57f23aa
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a4faa500fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21960
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2I0MWU3ZTY0MDJhNzY1YzcxNDk5ZmE4ZGI4ZTM3YmUxLmpwZWc.webp
s-img.mgid.com/g/8193492/492x328/0x0x728x485/ 29 KB
30 KB 222ms
106ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193492/492x328/0x0x728x485/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2I0MWU3ZTY0MDJhNzY1YzcxNDk5ZmE4ZGI4ZTM3YmUxLmpwZWc.webp?v=1629008568-3JTVzbftWkXyoXDlIHKZAfEsE356we1zb9WGqy-co_8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0496a22875ff611c9a1f8c81bed099d167e85ebe733686160052f326d71c1fc1

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:26:09 GMT
x-mg-request-uuid: 51f5ac26-2e45-40e8-bdc1-d222d5457bc1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a4faa400fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30000
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp
s-img.mgid.com/g/8164888/492x328/0x82x614x409/ 13 KB
13 KB 192ms
77ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164888/492x328/0x82x614x409/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp?v=1629008568-9_ZGN3Rbpu6faLYYEF0uewiX8txybu_2tpvW5kU1pbY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecea4b30252d5bc011c7f9cafcac4239a9eb11f2dd8cd9dbc073073f875e8af8

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:57:34 GMT
x-mg-request-uuid: 98cfebdf-e4b5-47ee-a329-a50d149766b7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a4faa300fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13280
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/492x328/0x0x492x328/ 12 KB
12 KB 163ms
163ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164883/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1629008568-5kCoWosDxIfDo9Y4tJis0RerPjY1II0fpgteRMwGyNA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a63c2e07501d472fb7b360f00b8eae5dc9908378b75f54a1169916801e09cf45

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 11:34:19 GMT
x-mg-request-uuid: f5bbbdc7-2137-45cc-b558-81f321db3947
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a53ada00fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12446
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8193501/492x328/16x0x492x328/ 10 KB
10 KB 126ms
125ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193501/492x328/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1629008568-Hu-KNG9koF_Np_KbpcVnPmSAcfr5MRVKKPhY62YXCI4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df205e3074c950bfb046901fe741685bfcebbe84986dcf38d06a531796a1aa89

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:22:12 GMT
x-mg-request-uuid: 2eb35476-6856-40ee-aeda-ceddd987fc3c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a53adb00fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10296
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMTAxOTI0LzExZWEyMDkxYmFhZWUzYjA1NTIxZmI4NmUxMTQ0YTAxLmpwZWc.webp
s-img.mgid.com/g/8164920/492x328/0x0x603x402/ 10 KB
10 KB 236ms
144ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164920/492x328/0x0x603x402/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMTAxOTI0LzExZWEyMDkxYmFhZWUzYjA1NTIxZmI4NmUxMTQ0YTAxLmpwZWc.webp?v=1629008568-kwZwdLhOH0BdB17DvMy-bKhGnClgDZBgNvJJXs_Tdt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6af808ed9e7bff50752fa079ce83791261e95d70f058589b92c0427355680380

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:26:24 GMT
x-mg-request-uuid: a637a240-f578-464b-9920-766594643b1c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a51ac900fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10134
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp
s-img.mgid.com/g/8164890/492x328/0x0x900x600/ 10 KB
10 KB 249ms
156ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164890/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp?v=1629008568-0PECYz8KVpJiG9dErCZQXXByQj0DpDJFcRBvPq482W0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb3b9de71c245edbae191d4a29ed5ddea11a3a6bc9c58941077aaef99f0c74b

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:54:55 GMT
x-mg-request-uuid: f358bc6c-38e6-45e2-9f68-c8116bfbce8d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a51aca00fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10004
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x328/0x0x1081x720/ 12 KB
13 KB 236ms
143ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164912/492x328/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1629008568-YdZcfqgqhIQ0PWUJRMxUUMVgvL5iRO4asTH5TwhemO4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d290daa6e15ba87ab2163d78a8d1f73ab6e9dd6d9c3e6c165eec487b0beaae05

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:25:56 GMT
x-mg-request-uuid: ddc6dff4-79cc-48da-9c39-0e1859ecbb39
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a4fa9b00fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12780
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0LzhhODJhNjRlMDkzY2I5ZTcwMGU3ZjMxZTQzYmNlMTMzLmpwZWc.webp
s-img.mgid.com/g/8193533/492x328/0x79x1041x694/ 28 KB
29 KB 224ms
131ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193533/492x328/0x79x1041x694/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0LzhhODJhNjRlMDkzY2I5ZTcwMGU3ZjMxZTQzYmNlMTMzLmpwZWc.webp?v=1629008568-7CyXGuMwDUoF04K1Fa262onuMVwus3d6WytWJcVvU24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6a8201393a7d86ac6afb0e682a2fb8494d79a40e013fd679aebad86a3d2157

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:52:46 GMT
x-mg-request-uuid: 93560259-a5ef-4698-aeb4-040a6d68fd46
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67f054a4fa9c00fc-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 29002
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
894 B 111ms
103ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1629008569034107043708
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9e5d125996daf936a5f8c8e84c3acd49d9dffdd24ed4ddbb393b2cd85892f20

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: e93ea0d8-3a61-450d-a5d6-2e5c9ff77c75
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054a4a9f94242-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame A25A 19 B
164 B 106ms
106ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1629008569046364493551
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 73079efb-7f28-4d09-95dc-92010e6cf464
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054a4b9ff4242-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 61ms
61ms Script
application/javascript 54.192.219.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-96.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 05:58:50 GMT
via: 1.1 0d8fb9ea76ca48d1884fa97507d30086.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1440
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MRS52-P2
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: IKGK57MzPB27DQEjUvI8YY7Ruhfqoj-Z5PBMPVIoi0lAWkHLZJb0fw==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1629008569139&ns_c=UTF-8&cv=3.5&c8=NETFLIX.US%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629008569139&ns_c=UTF-8&cv=3.5&c8=NETFLIX.US%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&c9=

64 B
330 B

80ms
80ms

Image
image/gif

54.192.219.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629008569139&ns_c=UTF-8&cv=3.5&c8=NETFLIX.US%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.219.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-219-96.mrs52.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 06:22:49 GMT
via: 1.1 0d8fb9ea76ca48d1884fa97507d30086.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: RYaNSOzIcjppB1Z7Kgs0iASSwX-8UGckWkbnY2s6eRZGperUmz_n3w==

Redirect headers

date: Sun, 15 Aug 2021 06:22:49 GMT
via: 1.1 0d8fb9ea76ca48d1884fa97507d30086.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1629008569139&ns_c=UTF-8&cv=3.5&c8=NETFLIX.US%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&c9=
content-length: 197
x-amz-cf-id: b1wf4pJ4uBk6CtuSh3JfgbOi5rIddmYMi_NVG0yw2BROkegxqnTcjQ==

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7C93
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

144ms
49ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1629008569034107043708
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 15 Aug 2021 06:22:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sun, 15 Aug 2021 06:22:49 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 3FEE 1 KB
879 B 84ms
25ms Document
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1629008569034107043708
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

Server: VertaMedia 1.0
Date: Sun, 15 Aug 2021 06:22:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2

200

setuid
mp.4dex.io/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l7eMR7Hsb3mn
https://mp.4dex.io/setuid?bidder=bidswitch&uid=e931e311-4a2d-47f6-a0d4-0fd572f1a439&gdpr=&gdpr_consent=&us_privacy=

0
364 B

146ms
52ms

Image
text/plain

35.227.247.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mp.4dex.io/setuid?bidder=bidswitch&uid=e931e311-4a2d-47f6-a0d4-0fd572f1a439&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.247.230 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 230.247.227.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
via: 1.1 google
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
expires: 0

Redirect headers

location: //mp.4dex.io/setuid?bidder=bidswitch&uid=e931e311-4a2d-47f6-a0d4-0fd572f1a439&gdpr=&gdpr_consent=&us_privacy=
date: Sun, 15 Aug 2021 06:22:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
413 B 227ms
112ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l7eMR7Hsb3mn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67f054a609edfa88-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=9aafbfb9-38d5-45e5-9824-c2a7b4ca46cb&ttl=1631600569

43 B
506 B

108ms
108ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=9aafbfb9-38d5-45e5-9824-c2a7b4ca46cb&ttl=1631600569
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 85d482e1-c4ff-484a-87fd-7975a20c762b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054a5bd804c55-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=9aafbfb9-38d5-45e5-9824-c2a7b4ca46cb&ttl=1631600569
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDdlTVI3SHNiM21u&muidn=l7eMR7Hsb3mn
https://cm.mgid.com/google?muidn=l7eMR7Hsb3mn&google_ula={guid},5&google_gid=CAESEM4y7YAvuZk4acQ9YWudin8&google_cver=1

0
369 B

99ms
99ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l7eMR7Hsb3mn&google_ula={guid},5&google_gid=CAESEM4y7YAvuZk4acQ9YWudin8&google_cver=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054a5ad774c55-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l7eMR7Hsb3mn&google_ula={guid},5&google_gid=CAESEM4y7YAvuZk4acQ9YWudin8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l7eMR7Hsb3mn
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

0
239 B

47ms
46ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Sun, 15 Aug 2021 06:22:49 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
496 B 223ms
102ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l7eMR7Hsb3mn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67f054a61e654c43-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=e931e311-4a2d-47f6-a0d4-0fd572f1a439
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid&bsw_uid=e931e311-4a2d-47f6-a0d4-0fd572f1a439
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=14c29dae-4e1e-402a-bf7a-2e2f4995a99e&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=e931e311-4a2d-47f6-a0d4-0fd572f1a439&gdpr=&gdpr_consent=&us_privacy=

43 B
553 B

107ms
106ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=e931e311-4a2d-47f6-a0d4-0fd572f1a439&gdpr=&gdpr_consent=&us_privacy=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: e97613c4-d34d-4da5-827f-8d26d6620aa9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054a979c14c55-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=e931e311-4a2d-47f6-a0d4-0fd572f1a439&gdpr=&gdpr_consent=&us_privacy=
date: Sun, 15 Aug 2021 06:22:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=IvnUvsSeGmP6xkSwsduf&pi=mgid&tc=1

43 B
522 B

106ms
105ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=IvnUvsSeGmP6xkSwsduf&pi=mgid&tc=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: f261cd46-697d-40b1-af7e-86563843497c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054a6ded44c55-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=IvnUvsSeGmP6xkSwsduf&pi=mgid&tc=1
pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT, Sun, 15 Aug 2021 06:22:49 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/ Frame 3FEE
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=2a794492a80cb74e

43 B
538 B

105ms
104ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=2a794492a80cb74e
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:49 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: da3f270c-a0bc-434d-b723-b2c1bb2d91ef
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054a8c9124c55-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=2a794492a80cb74e
Date: Sun, 15 Aug 2021 06:22:49 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7C93 31 KB
10 KB 56ms
55ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 5e27739c2f7752512553d5df05a3b9dc949e841ff7d649a5f63cf2139b46ae9e

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 15 Aug 2021 06:22:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=74287
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Mon, 16 Aug 2021 03:00:56 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7C93 284 B
536 B 194ms
49ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/jpg

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 161ms
52ms Preflight 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 15 Aug 2021 06:22:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
398 B 211ms
98ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

Date: Sun, 15 Aug 2021 06:22:49 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H3-29 200 c
c.mgid.com/ 43 B
434 B 147ms
147ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=202|213|8|vN0NeaO0MK7ZgmqzYWt3o-ZtvU1u0pDDuF4CNPunJDRfmIscOp2Tx4TjWRdfALBd&fw=1&extjs=66044&v=202|213|40|vN0NeaO0MK7ZgmqzYWt3o-Xnmm5Q9Lv3jZG57x1OP0obCOf8AMmhbTFliWaxJIRz&v=202|213|8|vN0NeaO0MK7ZgmqzYWt3o-UjhAmL1ifEPjOJdKd_YtB847ICFlsGvkIPNAsEkmsF&v=202|213|8|vN0NeaO0MK7ZgmqzYWt3oyBX2rE1PA_Kyep65uEc9vyN07_hkqKq5BP4sAmSTl3F&cid=997452&h2=s6DTIq8_dmTag7EPnAov6dSbCPv8f3qqI9uObWc_aRA*&rid=365cf9b0-fd91-11eb-8adb-d094662c24f7&tt=Direct&iv=11&pageImp=1&pvid=17b487a20d8a3791311&cbuster=1629008570313629921580&tpl=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:50 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 61e36b2c-cd63-4fda-a0f5-da9844169150
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054ac9cbb4c55-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H3-29 200 c
c.mgid.com/ 43 B
434 B 170ms
170ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=90|203|24|vN0NeaO0MK7ZgmqzYWt3o2fxIohKgTQapH5U-J0tRKxH-8BKSCXhWThbw_BB0o2X&fw=1&extjs=66044&v=90|203|24|vN0NeaO0MK7ZgmqzYWt3o5QaADgCoe0c45hXKwOMEs3RJzY3tNlZobXT2BjMevsK&cid=997452&h2=s6DTIq8_dmTag7EPnAov6dSbCPv8f3qqI9uObWc_aRA*&rid=365cfa30-fd91-11eb-9122-2cea7f875b01&tt=Direct&iv=11&pageImp=0&pvid=17b487a20d8a3791311&cbuster=162900857040311832764&tpl=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 15 Aug 2021 06:22:50 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b4ea6b83-6888-4816-9e6a-6c0b04d259d3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67f054ad2d504c55-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 SOt_YnYZUb2IiLEJyuW7OYDS37B48w1M_cKHVburLI2CanuvaHsHtVob37P76Uz3uI9_5hmxsGEM0149pmE8-d1GvCgLT3FkUyNU4Ax8q4hExHmi5u7R2kMpwrRB9GnpQWCp2twU4TvoRbQdeLa2D7KkoQbhc3lOwYe2YGrun8l027ObJ6rEfIFbz8J8ov7ti-p8U...
itgiblean.com/impression/ 43 B
326 B 173ms
57ms Image
image/gif 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itgiblean.com/impression/SOt_YnYZUb2IiLEJyuW7OYDS37B48w1M_cKHVburLI2CanuvaHsHtVob37P76Uz3uI9_5hmxsGEM0149pmE8-d1GvCgLT3FkUyNU4Ax8q4hExHmi5u7R2kMpwrRB9GnpQWCp2twU4TvoRbQdeLa2D7KkoQbhc3lOwYe2YGrun8l027ObJ6rEfIFbz8J8ov7ti-p8UgBKTtVpddGc3wsrLHWe14uh4WF0TZjS4jLj0N1rYH8RXwtDrKtYPr6wgdA8j_FRRA==?_z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=13&pl=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 413dcab076312066c6e74fe3b09b09c9
pragma: no-cache
date: Sun, 15 Aug 2021 06:22:58 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0987259079146.png
static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/ Frame CB6F 3 KB
4 KB 57ms
57ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 15 Aug 2021 06:22:58 GMT
Last-Modified: Thu, 15 Oct 2020 16:08:39 GMT
Server: nginx
ETag: "5f887407-c2f"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3119

GET
H2 204 3509488 Show response
inpagepush.com/500/ 0
440 B 60ms
60ms XHR
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=8093040&oaid=4ca996ee02854a06b3a6016228c81388&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=14&pl=https%3A%2F%2Fpaste.co.id%2F4ieUaxeb1e&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 6e33f19807a83c25c8502a855641d3e2
pragma: no-cache
date: Sun, 15 Aug 2021 06:22:58 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 52ms
52ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 15 Aug 2021 06:22:56 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
onmarshtompor.com/	1970-01-20 05:15:44	Name: oaidts Value: 1629008567
onmarshtompor.com/	1970-01-20 05:15:44	Name: OAID Value: 34d87b5aae4f48b7908e409265606345
.doubleclick.net/	1970-01-20 05:51:44	Name: IDE Value: AHWqTUk4pp-VdGn9b2Cjw4kuE6_jyW9tGjyVGn3-LvLXfMpB-a5-RLyCxQnv8E3TjA0
.paste.co.id/	1970-01-19 20:30:08	Name: _gat_gtag_UA_137362802_1 Value: 1
.paste.co.id/	1970-01-19 20:31:34	Name: _gid Value: GA1.3.223466922.1629008568
.paste.co.id/	1970-01-19 20:30:08	Name: _gat_gtag_UA_174907544_1 Value: 1
.paste.co.id/	1970-01-20 14:01:20	Name: _ga Value: GA1.3.1827750385.1629008568
.paste.co.id/	1970-01-20 05:51:44	Name: __gads Value: ID=1c9c1b0639c58d24-22b58ae4abc9006c:T=1629008567:RT=1629008567:S=ALNI_MYGv-J38OpAk9gfK_3xPjiNRS6hvg
.paste.co.id/	1970-01-19 20:30:12	Name: __PPU_BACKCLCK_3724584 Value: true
paste.co.id/	1970-01-19 20:30:15	Name: pasteshr_session Value: eyJpdiI6IkYxWlNjSFQ0UWR6QnVCUE9Cc3J1XC9BPT0iLCJ2YWx1ZSI6IlNmWXJlV2xXK0RuZ1hXZWxNT08rOVZcL2NPZ0FlTWQ4c3J1VlI4TzdZMHU1VEczb01zSXZiMVR0WlpONkw1N1lEIiwibWFjIjoiYTM2MDBiNjVlZTA2ZGNmMWEzYTNjOTM1ZDMxZjhhOTMzY2Y2MGJjY2Q3NDM0NmM3MGIxZjQzMDFiODY4MjE3OCJ9
paste.co.id/	1970-01-19 20:30:15	Name: XSRF-TOKEN Value: eyJpdiI6ImlBNHZIY0pnbHZFeGFKWHNCam5SRUE9PSIsInZhbHVlIjoiVGZHSlpuc1VpdU5oTTMwek5XdGx5Q0FjZ21OQUhyTFdESng0RlM5SzJDajJ5KzJ6cHNWS2hrYUNjYWxhSVwvNjMiLCJtYWMiOiIzZjI0NmI4MjAzZmIzOTFmZmQ3M2M3OTI5MDdmYTM5MzU5Yjg1YjQyNjExZGVlZjI5OGE3MGY1N2U0OWFiODVhIn0%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	(Line 1) Message: SDK installer already started

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.volvelle.tech
adservice.google.com
adservice.google.de
bedrapiona.com
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dozubatan.com
eus.rubiconproject.com
googleads.g.doubleclick.net
iclickcdn.com
inpagepush.com
itgiblean.com
jsc.mgid.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
mp.4dex.io
my.rtmark.net
o.wowreality.info
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
paste.co.id
pixel.rubiconproject.com
pseepsie.com
s-img.mgid.com
s.adtelligent.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
static.cdnativepush.com
static.lalaping.com
stats.g.doubleclick.net
sync.adtelligent.com
sync.e-volution.ai
toglooman.com
token.rubiconproject.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.qrcoder.co.uk
x.bidswitch.net
104.16.199.73
104.19.133.78
104.19.136.78
104.19.217.61
109.203.125.88
109.206.188.82
139.45.195.254
139.45.195.8
139.45.196.145
139.45.197.156
139.45.197.234
139.45.197.237
139.45.197.239
139.45.197.243
139.45.197.250
142.250.185.226
185.184.8.65
23.37.42.132
2606:4700:20::681a:87b
2606:4700:20::ac43:4b09
2606:4700::6810:135e
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2004
2a00:1450:4001:803::200e
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c07::9c
2a0c:5c81:5139::2
35.157.197.70
35.210.178.101
35.227.247.230
5.189.137.168
54.192.219.96
62.149.0.72
69.173.144.139
76.223.111.131
037843c170a4523394cce5f5e73d6f5769d7de9924c6e99f1c919d9c2b024e98
0496a22875ff611c9a1f8c81bed099d167e85ebe733686160052f326d71c1fc1
05aac4daed2f382b848ccb60a6d71e5aca949cd9f9c8a45dedb8c92123dc073c
06e2b53476f3d29ccba94a06f1b4f1759a6884fa64accac8d98d1c6c32ea2e49
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
0f6a786478d82fb0747ea4be72cb7140198d3042cd48bf1a1c69d9de8a3b1721
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1625bcb3433fa41c25a9662ce2a69dbf859b9a6b019ef4e919cc2055108fe2e6
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
18da111eb5ece7a9f442894197a95bdc0fe92c7327fcb5a1b4451ed615f9f70f
2603fd21cab12d15dc63ad9db6368d6874de54d5f15bf90191d1fcdbe05b978d
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
28c39ef80bcd100fa6fee14c01dfb0853c6de4dfff7bb58b6d8006a79afc1fda
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d8d454f48d0f9a93a7cafe7de7313ee18873ebdd6293db800c3b85c697ccf2a
2eae738f747093b2a339cf4d08736b86302b5e32e53510576ccb5447a4807d4a
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
35751fd45cc96fc57e090b12cb1e4be8c29c99c930cc679874c6a9009c64b2f1
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
367ea4a2337e669a6eeec1f614332c274bb6bb42706d0676516bd43c0c4ac0f5
3ccbdd96d449ac73068148c6aee1355929c04a639071892b79a98ea8f710b49b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54bb0f0d91ef1fda384317352da6d7a7035fa12c2f4886984223d6a7b8f9a298
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5e27739c2f7752512553d5df05a3b9dc949e841ff7d649a5f63cf2139b46ae9e
5f5352a55960f1a7cfd65755494826c383ffa2d218c7dd5fc12c97d068fe217c
65f4906220b08ddec4711c05713e3cc864bd1e29090b662be92f4f4cf12763c5
6a386063aa65786c63bd34620a5c41db370aac4f41da95196435b67f79505f77
6af808ed9e7bff50752fa079ce83791261e95d70f058589b92c0427355680380
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c83e2f82550ff4c8374b20c37551fb72a430f4a27405c54dcce727785c443ca
71f4b05dbf75a7e80faa7bf2c09428d1089d1ca8bb390a188c008c876bcabe2d
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
7bef4e4346c2bfdd0f1cb7be5e922acf490b850eefe84672014125e2be79b042
809022428e66e3e7b63dba7680b328ddbedd4941a02a8ce0cbe02982e57fbe38
80d95328167947c0003a2c066f849c12427e849751483e62f0d6fd55b6278fb5
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
892809346f39c64787b639d62029c1e8b582c18a80557dada858eedc5dfb4683
89e8c9f38453550ebee24fafe934daad8cc913a3e55b941db1b72a97b49554ac
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8dfc258187db25a77b8760110cb1dfbd9b13ed139c27b66ea7aa7fffb6055476
8eb3b9de71c245edbae191d4a29ed5ddea11a3a6bc9c58941077aaef99f0c74b
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
9790a962223dc4cd242a9c20d96356c9e0589fbf861ad7349a4aa664e52ff42c
9815df3f855ca2ad9a5ede72ef0ae009333d1c35b13bf54d76d497040237a6ff
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9b6a8201393a7d86ac6afb0e682a2fb8494d79a40e013fd679aebad86a3d2157
9ce9e33f409f56f7fc176cb0911ed6eb50a2490f378f8300d3bc6131f366c579
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a63c2e07501d472fb7b360f00b8eae5dc9908378b75f54a1169916801e09cf45
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7b6d5b770a73bfa79bb530f6549221a559d0e366daa55005255ec66ae752db
ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0
ab8f37f741cf32cd630a5c5a074982b5687c96f14705d01b3fb6abd764ca5704
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b8f2d5fcc19c20f7d74b6717348dc6491901cc8bc62b121607d79d1e49c3b9f1
ba45b9535d8b81f446e72a0f37425bb253fe5a084d71d58830fb19f48d3f3529
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
d155915dc255556fb696d51d847d0070941c6fc2f9ce03d869681b30b9222b24
d290daa6e15ba87ab2163d78a8d1f73ab6e9dd6d9c3e6c165eec487b0beaae05
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
d9e5d125996daf936a5f8c8e84c3acd49d9dffdd24ed4ddbb393b2cd85892f20
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df205e3074c950bfb046901fe741685bfcebbe84986dcf38d06a531796a1aa89
e1b6ef9150f5c24f7cee453563b768021e71631942c38864496162c14cef0e27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ecea4b30252d5bc011c7f9cafcac4239a9eb11f2dd8cd9dbc073073f875e8af8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1dac04b01c214f149c0bc46bb191036f3d7c0552daae90c2f53d0b1e818d21d
f24df750dbf6833dcce069a043790635ecb6f58c6b3ee581f8ef8b0cbb7526bc
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

paste.co.id Open in urlscan Pro 5.189.137.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

133 Requests

100 %HTTPS

46 %IPv6

37 Domains

51 Subdomains

43 IPs

6 Countries

1609 kBTransfer

3950 kBSize

11 Cookies

60 Outgoing links

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

100 %
HTTPS

46 %
IPv6

37
Domains

51
Subdomains

43
IPs

6
Countries

1609 kB
Transfer

3950 kB
Size

11
Cookies

133 HTTP transactions
1 data transactions