paste.co.id Open in urlscan Pro
2606:4700:3037::ac43:ae34 Public Scan

URL:
https://paste.co.id/wpwbjv7xEy
Submission: On July 28 via api (July 28th 2020, 3:38:37 pm UTC) from US

Summary HTTP 70 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 26 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3037::ac43:ae34, located in United States and belongs to CLOUDFLARENET, US. The main domain is paste.co.id.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2020. Valid for: a year.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3037::ac43:ae34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
15	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.190.91.111 35.190.91.111	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::ac43:813c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	52.215.98.88 52.215.98.88	16509 (AMAZON-02) (AMAZON-02)
5 5	35.157.13.31 35.157.13.31	16509 (AMAZON-02) (AMAZON-02)
2 2	136.243.75.11 136.243.75.11	24940 (HETZNER-AS) (HETZNER-AS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	67.231.251.189 67.231.251.189	40244 (TURNKEY-I...) (TURNKEY-INTERNET)
1	204.44.79.1 204.44.79.1	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
1	23.105.245.4 23.105.245.4	7979 (SERVERS-COM) (SERVERS-COM)
70	21

15 2606:4700:3037::ac43:ae34 (United States)

ASN13335 (CLOUDFLARENET, US)

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.111 (Mountain View, United States)

ASN15169 (GOOGLE, US)

lovelydrum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:813c (United States)

ASN13335 (CLOUDFLARENET, US)

img.shields.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.230 (United States)

ASN15169 (GOOGLE, US)

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.98.88 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.13.31 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.75.11 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.231.251.189 (Latham, United States) 1 redirects

ASN40244 (TURNKEY-INTERNET, US)

pixel.s3xified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.44.79.1 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)

b.admedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.4 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com s-img.mgid.com c.mgid.com	114 KB
15	paste.co.id paste.co.id	442 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net	1 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	137 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
4	gstatic.com fonts.gstatic.com	42 KB
4	cloudflare.com cdnjs.cloudflare.com	52 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	826 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adhigh.net 2 redirects px.adhigh.net	937 B
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	google.com 1 redirects adservice.google.com www.google.com	492 B
2	google.de adservice.google.de www.google.de	935 B
2	lovelydrum.com lovelydrum.com	29 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	lentainform.com cm.lentainform.com	328 B
1	admedia.com b.admedia.com	317 B
1	s3xified.com 1 redirects pixel.s3xified.com	372 B
1	idealmedia.io cm.idealmedia.io	556 B
1	googletagservices.com www.googletagservices.com	27 KB
1	shields.io img.shields.io
1	googletagmanager.com www.googletagmanager.com	34 KB
0	mixmarket.biz Failed udata.mixmarket.biz Failed
70	26

	Domain	Requested by
15	paste.co.id	paste.co.id
7	cm.mgid.com	jsc.mgid.com paste.co.id
5	x.bidswitch.net	5 redirects
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	paste.co.id pagead2.googlesyndication.com
4	s-img.mgid.com	paste.co.id
4	fonts.gstatic.com	jsc.mgid.com
4	cdnjs.cloudflare.com	paste.co.id
3	tpc.googlesyndication.com	lovelydrum.com pagead2.googlesyndication.com tpc.googlesyndication.com
2	rtb-usw.mfadsrvr.com	2 redirects
2	px.adhigh.net	2 redirects
2	match.adsrvr.org	2 redirects
2	fonts.googleapis.com	jsc.mgid.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	lovelydrum.com	paste.co.id lovelydrum.com
2	maxcdn.bootstrapcdn.com	paste.co.id
1	c.mgid.com	paste.co.id
1	cm.lentainform.com	paste.co.id
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	b.admedia.com	paste.co.id
1	pixel.s3xified.com	1 redirects
1	cm.idealmedia.io	paste.co.id
1	cm.g.doubleclick.net	1 redirects
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	cdn.mgid.com	paste.co.id
1	ad.doubleclick.net	lovelydrum.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	www.google.de	paste.co.id
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	servicer.mgid.com	jsc.mgid.com
1	img.shields.io	paste.co.id
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	jsc.mgid.com	paste.co.id
1	www.googletagmanager.com	paste.co.id
0	udata.mixmarket.biz Failed	paste.co.id
70	39

This site contains links to these domains. Also see Links.

Domain
cookie-consent.app.forthe.top
pastelink.net
pasteshr.com
paiza.io
pasteio.com
paste.ofcode.org
www.avis.ne.jp
paste.ee
slexy.org
pastebin.com
paste2.org
bpa.st
notes.io
0paste.com
www.textsnip.com
ideone.com
bitbin.it
widgets.mgid.com
www.mgid.com
www.facebook.com
instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-10` - `2021-07-10`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
lovelydrum.com Let's Encrypt Authority X3	`2020-07-06` - `2020-10-04`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.admedia.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-27` - `2022-03-02`	2 years	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://paste.co.id/wpwbjv7xEy
Frame ID: 75A01FE911A10A69EC3B76E4302CDA9F
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/zrt_lookup.html
Frame ID: F249DC7E2C3A9A2002CDB65884F856E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=false
Frame ID: 20FED0932647F7B5A0313B765B504954
Requests: 1 HTTP requests in this frame

Frame: https://img.shields.io/badge/Build-Passing-%2361ba65.svg?label=Build&color=61ba65&logo=&style=flat&cacheSeconds=3600
Frame ID: AD53582EA9694E990DB42336B14F6DAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1595950699&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595950698634&bpp=69&bdt=187&idt=691&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4948405346777&frm=20&pv=2&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=616906762483&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=707
Frame ID: 78F4FEEE334346451C056762CC5B872D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=2347387144&w=840&fwrn=4&fwrnh=100&lmt=1595950699&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595950698706&bpp=5&bdt=259&idt=668&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4948405346777&frm=20&pv=1&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=37651999238387&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=swcT2tuqIj&p=https%3A//paste.co.id&dtd=675
Frame ID: D12D6C750D98838C5BC4F8044BF6138A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=3360776472&w=840&fwrn=4&fwrnh=100&lmt=1595950699&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595950698711&bpp=2&bdt=264&idt=680&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280&nras=1&correlator=4948405346777&frm=20&pv=1&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=37651999238387&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=0OhDRypEeT&p=https%3A//paste.co.id&dtd=684
Frame ID: 63E4125C8D8A14541B6E5CB80FBF73BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=600&slotname=3374289680&adk=1935312948&adf=64888922&w=255&fwrn=4&fwrnh=100&lmt=1595950699&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=255x600&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1595950698713&bpp=1&bdt=266&idt=687&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280%2C840x280&nras=1&correlator=4948405346777&frm=20&pv=1&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=37651999238387&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Hu6eKvhGEH&p=https%3A//paste.co.id&dtd=690
Frame ID: 52C0EA6F8C9C0F44BA2C88AF5C892687
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=159595069941815912858
Frame ID: F24A7EB1A99F1C8469C0FDCBA274A94B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 1F7F8D7CDE4D388E83BFEADAD9D933B7
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 8E3D828F7A885517AD2F4EBE3F5645C0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 12A5FD9798CB81D3D2234848DC70771A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

70
Requests

99 %
HTTPS

52 %
IPv6

26
Domains

39
Subdomains

21
IPs

7
Countries

982 kB
Transfer

2590 kB
Size

9
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://cookie-consent.app.forthe.top/why-websites-use-cookies/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://pastelink.net/1ueht
Title: https://pastelink.net/1ueht

Search URL Search Domain Scan URL

URL: https://pasteshr.com/8FjJpIcxxK
Title: https://pasteshr.com/8FjJpIcxxK

Search URL Search Domain Scan URL

URL: https://paiza.io/projects/DLYA_2WmFJqr8CgchcT-xw?language=php
Title: https://paiza.io/projects/DLYA_2WmFJqr8CgchcT-xw?language=php

Search URL Search Domain Scan URL

URL: https://pasteio.com/xCmaSdWYLq8Z
Title: https://pasteio.com/xCmaSdWYLq8Z

Search URL Search Domain Scan URL

URL: https://paste.ofcode.org/9jrFqnFDqDVphw4f4yZaF2
Title: https://paste.ofcode.org/9jrFqnFDqDVphw4f4yZaF2

Search URL Search Domain Scan URL

URL: http://www.avis.ne.jp/cgi-usr/pasoken_bbs.cgi?cmd=regist
Title: http://www.avis.ne.jp/cgi-usr/pasoken_bbs.cgi?cmd=regist

Search URL Search Domain Scan URL

URL: https://paste.ee/p/Ol8Y3
Title: https://paste.ee/p/Ol8Y3

Search URL Search Domain Scan URL

URL: https://slexy.org/view/s20bEl6znq
Title: https://slexy.org/view/s20bEl6znq

Search URL Search Domain Scan URL

URL: https://pastebin.com/udBLkEXs
Title: https://pastebin.com/udBLkEXs

Search URL Search Domain Scan URL

URL: https://paste2.org/COn09D04
Title: https://paste2.org/COn09D04

Search URL Search Domain Scan URL

URL: https://bpa.st/MPMA
Title: https://bpa.st/MPMA

Search URL Search Domain Scan URL

URL: https://notes.io/9RsK
Title: https://notes.io/9RsK

Search URL Search Domain Scan URL

URL: https://0paste.com/76732
Title: https://0paste.com/76732

Search URL Search Domain Scan URL

URL: http://www.textsnip.com/eexql5
Title: http://www.textsnip.com/eexql5

Search URL Search Domain Scan URL

URL: https://ideone.com/bs4Qzi
Title: https://ideone.com/bs4Qzi

Search URL Search Domain Scan URL

URL: https://bitbin.it/zfIi7CeK/
Title: https://bitbin.it/zfIi7CeK/

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=914924

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4023131/i/126987/0/pp/1/1?h=-3n6iR01ESclGOl6W70TGXt3-9NX6oQSPOb1PKePpBZs7TmvxdkDZNgkMQL0GyWz&rid=5ca36dd6-d0e8-11ea-ab6c-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805479/i/126987/0/pp/2/1?h=-3n6iR01ESclGOl6W70TGR39ikwOp3C_vzsRg9rh3bualVRjhOShumb7hgqISLn2&rid=5ca36dd6-d0e8-11ea-ab6c-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4415110/i/126987/0/pp/3/1?h=-3n6iR01ESclGOl6W70TGb8z1-F_2AhBTOyf8x-HVEFsDqcnErazD3RTmBkrbafT&rid=5ca36dd6-d0e8-11ea-ab6c-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805450/i/126987/0/pp/4/1?h=-3n6iR01ESclGOl6W70TGWXC0EgmkF_-jFw3DKpns1bgJpNs2YNhF01EIoBe0R3n&rid=5ca36dd6-d0e8-11ea-ab6c-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.facebook.com/detroit.co.id
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/detroit.co.id
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1484453313&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&ul=en-us&de=UTF-8&dt=Untitled%20-%20Pasted.id%20-%20%231%20paste%20tool%20indonesia!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1216361964&gjid=126071855&cid=1358644517.1595950699&tid=UA-137362802-1&_gid=1748550238.1595950699&_r=1&gtm=2ou7f0&z=95714089 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137362802-1&cid=1358644517.1595950699&jid=1216361964&_gid=1748550238.1595950699&gjid=126071855&_v=j83&z=95714089 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1358644517.1595950699&jid=1216361964&_v=j83&z=95714089 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1358644517.1595950699&jid=1216361964&_v=j83&z=95714089&slf_rd=1&random=1893644448

Request Chain 58

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 302
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azZzamlzUTNtbUM4&muidn=k6sjisQ3mmC8 HTTP 302
https://cm.mgid.com/google?muidn=k6sjisQ3mmC8&google_ula={guid},5&google_gid=CAESEF4ft4WBF8wJCNJIGfGZ8nc&google_cver=1

Request Chain 60

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=dd00e287-1f92-4363-8e1f-363147309c4a&ttl=1598542699

Request Chain 61

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=uMQh6DzT0z4c.AikABlFzlhMUAQ&expires=30&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=31b58381-d475-44e7-bb4e-d7e6d514a0d8

Request Chain 63

https://x.bidswitch.net/sync?dsp_id=303&user_id=k6sjisQ3mmC8 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k6sjisQ3mmC8 HTTP 302
https://pixel.s3xified.com/dspsync/?pid=bidswitch&buid=31b58381-d475-44e7-bb4e-d7e6d514a0d8 HTTP 302
https://b.admedia.com/sync/uid/?uid=0baa9a417f5d50f5d2c16b0c420034ab

Request Chain 64

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=jzkRgECPyRzAFvBcM2iq&pi=mgid&tc=1

Request Chain 65

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=c29eb3af-6d77-4149-b9b4-b4773e5c0a75

70 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wpwbjv7xEy Show response
paste.co.id/ 23 KB
6 KB 13297ms
13263ms Document
text/html 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.8 PleskLin

Resource Hash

e15158fa64838e18b0fb92ace523a4e4340d33667bc5a3aa529ded44cb94dd56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /wpwbjv7xEy
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 28 Jul 2020 15:38:18 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=db3b8edb346986264371633d8de03aaa71595950685; expires=Thu, 27-Aug-20 15:38:05 GMT; path=/; domain=.paste.co.id; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6IlBpbkREbFBMalZYNmtTQ1BqY1FTVnc9PSIsInZhbHVlIjoidkdRSTZrOFdYTVJVS2JCSTRiczc3V01INE5WUzkyNVJCTlFcL3dPRjBjelpyaFY0cFBjRkdMc3Z4UU9kZm5ZYjMiLCJtYWMiOiI5ODVjZDIyMTUzMmI3NGY0Y2JlMWJlYTQ1ZmU5ZmRlNjMyMzI2NGEwZjBmMzlkYzYzNTYxMzgxYmUxNTkzYzMwIn0%3D; expires=Tue, 28-Jul-2020 17:38:18 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6IkpCUUw5NWZcL0lpVG5LOGMxZFRMd0pnPT0iLCJ2YWx1ZSI6IjgwZXBOMWdpSGd5NzlaRFwvenBpK3NpZ3JJb1FrY05ROXptWTdyazBzUWZwYlwvckIxRkdIMjU5ajRaNUJEWlwveFMiLCJtYWMiOiIxNjFmNzNhMGIxMTJjYTcyMmZiNjdiZGExMThlYWU4ZTE5MDNkOWRlY2JmMzZiNjhhYjA3ZTNmOGFhMzk0NzVjIn0%3D; expires=Tue, 28-Jul-2020 17:38:18 GMT; Max-Age=7200; path=/; httponly
x-powered-by: PHP/7.4.8 PleskLin
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
strict-transport-security: max-age=15768000; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 0437abf3fe0000beb020a29200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5b9faf666b08beb0-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js Show response
paste.co.id/cdn-cgi/apps/head/ 15 KB
5 KB 20ms
18ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748851c4d2e38c4f7587afb6b6e54dfc26e7329018d27911115f1840e251d4a8

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 604289
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 090D10E5D2CED4FD
x-amz-id-2: 8y50VI2nXzr5pCv8CO75rvHgjGtn7epYuy+FufxxkWmyvVzzcbxpw7NuKnvDVOiCbQDAo8eGMpw=
last-modified: Thu, 09 Apr 2020 07:01:53 GMT
server: cloudflare
etag: W/"b41983019dc124823e0cbe364e0a102d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: FzzEO.YKJ_vU2aF7romPpg.vx2TIcrhF
cf-request-id: 0437ac27d50000beb02094c200000001
cf-ray: 5b9fafb95a61beb0-FRA

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 27ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 bootstrap.min.css
paste.co.id/css/ 138 KB
19 KB 22ms
21ms Stylesheet
text/css 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 5936
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac27d40000beb020948200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: W/"5be3fe96-22688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5b9fafb95a59beb0-FRA

GET
H2 200 mdb.min.css
paste.co.id/css/ 226 KB
23 KB 33ms
31ms Stylesheet
text/css 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/css/mdb.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 5936
x-powered-by: PleskLin
status: 200
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac27d40000beb020949200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: W/"5be3fe96-38940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5b9fafb95a5bbeb0-FRA

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 31ms
14ms Stylesheet
text/css 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8249355
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac27e5000017568a144200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:42 GMT
server: cloudflare
etag: W/"5afd4ad2-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9fafb96d231756-FRA
expires: Sun, 18 Jul 2021 15:38:18 GMT

GET
H2 200 style.min.css
paste.co.id/css/ 3 KB
1 KB 19ms
18ms Stylesheet
text/css 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/css/style.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

59d3b0f41ff8ed0ab160bbe4df8c72cfcbd729ee6e97f23c1a8ff1913b78ad52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 5936
x-powered-by: PleskLin
status: 200
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac27d40000beb02094a200000001
last-modified: Sun, 29 Mar 2020 14:37:15 GMT
server: cloudflare
etag: W/"5e80b29b-b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5b9fafb95a5dbeb0-FRA

GET
H2 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
3 KB 21ms
21ms Stylesheet
text/css 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 3661
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac27d40000beb02094b200000001
last-modified: Tue, 29 Jan 2019 16:43:52 GMT
server: cloudflare
etag: W/"5c5082c8-326d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 5b9fafb95a5ebeb0-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 118 KB
42 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a199cb40ea76c8c39fcc6bad8c8297799fdc20e8586a58a1b1650267805f30db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42540
x-xss-protection: 0
server: cafe
etag: 16835310940961625101
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Jul 2020 15:38:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 85 KB
34 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55ec4b7938698c5998ba1090318f0740816a59b514968392092e0eb98b5364cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34212
x-xss-protection: 0
last-modified: Tue, 28 Jul 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Jul 2020 15:38:18 GMT

GET
H2 200 KX3CTmWGGs.png
paste.co.id/uploads/ 5 KB
5 KB 15ms
13ms Image
image/png 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste.co.id/uploads/KX3CTmWGGs.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

bf8eeec0243213e8b5d4caf858a57977c915a8d8b004991ba9260603d2c0d920

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
cf-cache-status: HIT
age: 5932
x-powered-by: PleskLin
status: 200
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4938
cf-request-id: 0437ac28010000beb020951200000001
last-modified: Mon, 25 Feb 2019 12:32:06 GMT
server: cloudflare
etag: "5c73e046-134a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b9fafb99ab9beb0-FRA

GET
H2 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 16ms
14ms Image
image/png 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste.co.id/img/default-avatar.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
cf-cache-status: HIT
age: 3661
x-powered-by: PleskLin
status: 200
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6957
cf-request-id: 0437ac28010000beb020952200000001
last-modified: Wed, 28 Nov 2018 10:58:44 GMT
server: cloudflare
etag: "5bfe74e4-1b2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b9fafb99ababeb0-FRA

GET
H2 200 paste.co.id.914924.js Show response
jsc.mgid.com/p/a/ 223 KB
61 KB 164ms
82ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2468d0067cd2ed6950aaefc1ec974a9137a00cd6827cb4ce982ca48311456c64

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 3661
cf-polished: origSize=228036
status: 200
last-modified: Thu, 23 Jul 2020 13:20:39 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7432036D2B3299F8
x-amz-id-2: fs7l1hJxTATyoSHzQ5DZ7acr9joox7Y1xH77v3WXAw5ouqZIlKQ55yg6HvEC/oAEEcugrueo38k=
cf-bgj: minify
server: cloudflare
etag: W/"57256e5a5bebe4c5a30a0421ebb8b404"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 0437ac286300000d46201c0200000001
cf-ray: 5b9fafba38180d46-ARN
expires: Tue, 28 Jul 2020 16:38:18 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
29 KB 18ms
18ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8254748
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac27f5000017568a146200000001
served-in-seconds: 0.003
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:21:00 GMT
server: cloudflare
etag: W/"5afd497c-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9fafb98d7f1756-FRA
expires: Sun, 18 Jul 2021 15:38:18 GMT

GET
H2 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 18ms
18ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/js/bootstrap.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 5936
x-powered-by: PleskLin
status: 200
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac27f80000beb02094d200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: W/"5be3fe96-c75f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5b9fafb98aa3beb0-FRA

GET
H2 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
59 KB 33ms
31ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/js/mdb.min.js?v=2

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 5936
x-powered-by: PleskLin
status: 200
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac28010000beb02094f200000001
last-modified: Tue, 29 Jan 2019 16:15:46 GMT
server: cloudflare
etag: W/"5c507c32-331d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5b9fafb99ab7beb0-FRA

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
17 KB 20ms
18ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5850869
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac2801000017568a147200000001
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:42 GMT
server: cloudflare
etag: W/"5afd4ad2-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9fafb99db21756-FRA
expires: Sun, 18 Jul 2021 15:38:18 GMT

GET
H2 200 prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
113 KB 48ms
46ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 3661
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac28010000beb020950200000001
last-modified: Sat, 24 Nov 2018 11:17:38 GMT
server: cloudflare
etag: W/"5bf93352-521a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 5b9fafb99ab8beb0-FRA

GET
H2 200 99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add Show response
lovelydrum.com/ 92 KB
29 KB 450ms
277ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Requested by

Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

2feeef80d351bc2ca672f0eb2a18a732bb4869aa29a26d81cf1a19f2c532063c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "ac404119296636a3f30e1097dd2415fc34baab39ab2bf5adcfbcfd2892c2fb5d"
vary: Accept-Encoding, Accept-Language
x-hostname: taylor
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Tue, 28 Jul 2020 15:38:18 GMT
timing-allow-origin: *

GET
H2 200 ODDUj0AVpwTFCkac0C-t0V4Mg-4.js Show response
paste.co.id/cdn-cgi/apps/body/ 150 KB
42 KB 28ms
27ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/apps/body/ODDUj0AVpwTFCkac0C-t0V4Mg-4.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c84459f0c92349eac14ab94fa19f3dace511b376e32e84cf3b41e96a67730ff

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 2340851
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 392E05BC051C17B0
x-amz-id-2: /2hb7Ppq0BFRVYu+wOEjat2S/PeM+No2rQjnOuGNCY55YGNx4mRc9rPMkug8TMoa3J//5PvPO1E=
last-modified: Thu, 09 Apr 2020 07:01:53 GMT
server: cloudflare
etag: W/"a204e0ca2fbab92074b1b60e5111cc70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: jjfCmrRnJA2UeSB7s0B3k.91AXU7Ac5O
cf-request-id: 0437ac28010000beb020953200000001
cf-ray: 5b9fafb99abbbeb0-FRA

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 25ms
8ms Font
font/woff2 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://paste.co.id

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 16ms
15ms Font
font/woff2 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/font/roboto/Roboto-Regular.woff2

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
cf-cache-status: HIT
age: 3661
x-powered-by: PleskLin
status: 200
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49236
cf-request-id: 0437ac28070000beb020955200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: "5be3fe96-c054"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b9fafb9aac5beb0-FRA

GET
H2 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 17ms
17ms Font
font/woff2 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/font/roboto/Roboto-Light.woff2

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
cf-cache-status: HIT
age: 3661
x-powered-by: PleskLin
status: 200
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49380
cf-request-id: 0437ac28080000beb020956200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: "5be3fe96-c0e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b9fafb9aac6beb0-FRA

GET
H2 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 16ms
16ms Font
font/woff2 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/font/roboto/Roboto-Bold.woff2

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
cf-cache-status: HIT
age: 3661
x-powered-by: PleskLin
status: 200
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49976
cf-request-id: 0437ac283f0000beb020957200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: "5be3fe96-c338"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5b9fafb9fb53beb0-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f49578079ce90bfc63c1d271af36739f07745ff0b709361ad2c1e43e53a39b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 72ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
320 B 23ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/ 221 KB
83 KB 34ms
29ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84205b72580bff351eca502f9184cfac70f0f4ff4ae4456cfa8f81d34aa000d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84800
x-xss-protection: 0
server: cafe
etag: 9296453514141258119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jul 2020 15:38:18 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/ Frame F249 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200723/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/wpwbjv7xEy
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/wpwbjv7xEy

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 27 Jul 2020 23:00:32 GMT
expires: Mon, 10 Aug 2020 23:00:32 GMT
content-type: text/html; charset=UTF-8
etag: 1809543571055990350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4277
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 59866
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20FE 0
0 39ms
38ms Document
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=false

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/gen_204?id=rmvasftr&type=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/wpwbjv7xEy
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/wpwbjv7xEy

Response headers

status: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
date: Tue, 28 Jul 2020 15:38:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
3 KB 17ms
17ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 23364101
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac2a26000017568a182200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:30 GMT
server: cloudflare
etag: W/"5afd48e6-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5b9fafbd0dfa1756-FRA
expires: Sun, 18 Jul 2021 15:38:19 GMT

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44288f73f147364037a1125b227d89a6dbb9cd022e92b235dc7f06cbd84e7fc9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 3877
date: Tue, 28 Jul 2020 14:33:42 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Tue, 28 Jul 2020 16:33:42 GMT

GET
H2 200 Build-Passing-%2361ba65.svg
img.shields.io/badge/ Frame AD53 0
0 30ms
12ms Document
image/svg+xml 2606:4700:3034::ac43:813c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.shields.io/badge/Build-Passing-%2361ba65.svg?label=Build&color=61ba65&logo=&style=flat&cacheSeconds=3600
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:813c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: img.shields.io
:scheme: https
:path: /badge/Build-Passing-%2361ba65.svg?label=Build&color=61ba65&logo=&style=flat&cacheSeconds=3600
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: object
referer: https://paste.co.id/wpwbjv7xEy
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/wpwbjv7xEy

Response headers

status: 200
date: Tue, 28 Jul 2020 15:38:19 GMT
content-type: image/svg+xml;charset=utf-8
set-cookie: __cfduid=de9c928d3ef98c29e5257c3d1559f84871595950699; expires=Thu, 27-Aug-20 15:38:19 GMT; path=/; domain=.shields.io; HttpOnly; SameSite=Lax
cache-control: max-age=86400, s-maxage=86400
last-modified: Mon, 27 Jul 2020 09:08:25 GMT
via: 1.1 vegur
cf-cache-status: HIT
age: 77828
cf-request-id: 0437ac2abb0000324452b3c200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5b9fafbdfa083244-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jul 2020 15:18:39 GMT
server: ESF
date: Tue, 28 Jul 2020 15:38:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jul 2020 15:38:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
670 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jul 2020 14:03:38 GMT
server: ESF
date: Tue, 28 Jul 2020 15:38:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jul 2020 15:38:19 GMT

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f96c53b9b03f4b4ab67841c2ffd39ec588c945206edb5d8f6e7725859e29f69d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://paste.co.id

Response headers

date: Fri, 24 Jul 2020 13:57:42 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 351637
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sat, 24 Jul 2021 13:57:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://paste.co.id

Response headers

date: Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 3956203
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 12 Jun 2021 20:41:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://paste.co.id

Response headers

date: Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 4151592
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 10 Jun 2021 14:25:07 GMT

GET
H2 200 1 Show response
servicer.mgid.com/914924/ 3 KB
2 KB 62ms
61ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/914924/1?w=844&h=207&cols=2&pv=5&cbuster=1595950699308707507627&uniqId=11310&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&pageView=1&pvid=1739613132ca3555df5&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cbb8c8c4fecc1e3bf99aaa7c00d6cf8a4c49355d99be577e773c3e0abfd0bfa

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b9fafbec88d0d46-ARN
content-type: application/x-javascript; charset=utf-8
cf-request-id: 0437ac2b4000000d4620231200000001

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1484453313&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&ul=en-us&de=UTF-8&dt=Untitled%20-%20Pasted.id%20-%20%231%20paste%20tool%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137362802-1&cid=1358644517.1595950699&jid=1216361964&_gid=1748550238.1595950699&gjid=126071855&_v=j83&z=95714089
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1358644517.1595950699&jid=1216361964&_v=j83&z=95714089
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1358644517.1595950699&jid=1216361964&_v=j83&z=95714089&slf_rd=1&random=1893644448

42 B
106 B

20ms
19ms

Image
image/gif

2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1358644517.1595950699&jid=1216361964&_v=j83&z=95714089&slf_rd=1&random=1893644448

Requested by

Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1358644517.1595950699&jid=1216361964&_v=j83&z=95714089&slf_rd=1&random=1893644448
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 78F4 0
0 70ms
69ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1595950699&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595950698634&bpp=69&bdt=187&idt=691&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4948405346777&frm=20&pv=2&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=616906762483&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=707

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1595950699&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1595950698634&bpp=69&bdt=187&idt=691&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4948405346777&frm=20&pv=2&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=616906762483&dssz=28&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=707
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/wpwbjv7xEy
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/wpwbjv7xEy

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Jul 2020 15:38:19 GMT
server: cafe
content-length: 589
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 28-Jul-2020 15:53:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Jul 2020 15:38:19 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

921e018e4be04fba8a1975fcb32b8e64d034160dcb6354c30f616c3bd9196e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595849813499619"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27217
x-xss-protection: 0
expires: Tue, 28 Jul 2020 15:38:19 GMT

GET
H2 200 Acqbko Show response
ad.doubleclick.net/ddm/adj/Bhjr/ 11 B
225 B 67ms
66ms Script
text/javascript 172.217.21.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Bhjr/Acqbko

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame D12D 0
0 124ms
124ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=2347387144&w=840&fwrn=4&fwrnh=100&lmt=1595950699&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595950698706&bpp=5&bdt=259&idt=668&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4948405346777&frm=20&pv=1&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=37651999238387&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=swcT2tuqIj&p=https%3A//paste.co.id&dtd=675

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=2347387144&w=840&fwrn=4&fwrnh=100&lmt=1595950699&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595950698706&bpp=5&bdt=259&idt=668&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4948405346777&frm=20&pv=1&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=37651999238387&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=swcT2tuqIj&p=https%3A//paste.co.id&dtd=675
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/wpwbjv7xEy
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/wpwbjv7xEy

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Jul 2020 15:38:19 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 28-Jul-2020 15:53:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Jul 2020 15:38:19 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 63E4 0
0 54ms
53ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=3360776472&w=840&fwrn=4&fwrnh=100&lmt=1595950699&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595950698711&bpp=2&bdt=264&idt=680&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280&nras=1&correlator=4948405346777&frm=20&pv=1&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=37651999238387&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=0OhDRypEeT&p=https%3A//paste.co.id&dtd=684

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=3360776472&w=840&fwrn=4&fwrnh=100&lmt=1595950699&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1595950698711&bpp=2&bdt=264&idt=680&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280&nras=1&correlator=4948405346777&frm=20&pv=1&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=37651999238387&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1423&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=0OhDRypEeT&p=https%3A//paste.co.id&dtd=684
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/wpwbjv7xEy
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/wpwbjv7xEy

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Jul 2020 15:38:19 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 28-Jul-2020 15:53:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Jul 2020 15:38:19 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 52C0 0
0 107ms
106ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=600&slotname=3374289680&adk=1935312948&adf=64888922&w=255&fwrn=4&fwrnh=100&lmt=1595950699&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=255x600&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1595950698713&bpp=1&bdt=266&idt=687&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280%2C840x280&nras=1&correlator=4948405346777&frm=20&pv=1&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=37651999238387&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Hu6eKvhGEH&p=https%3A//paste.co.id&dtd=690

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=600&slotname=3374289680&adk=1935312948&adf=64888922&w=255&fwrn=4&fwrnh=100&lmt=1595950699&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=255x600&url=https%3A%2F%2Fpaste.co.id%2Fwpwbjv7xEy&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1595950698713&bpp=1&bdt=266&idt=687&shv=r20200723&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280%2C840x280&nras=1&correlator=4948405346777&frm=20&pv=1&ga_vid=1358644517.1595950699&ga_sid=1595950699&ga_hid=1484453313&ga_fc=0&iag=0&icsg=37651999238387&dssz=30&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=708&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=188883154829049&pem=202&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Hu6eKvhGEH&p=https%3A//paste.co.id&dtd=690
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/wpwbjv7xEy
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/wpwbjv7xEy

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 28 Jul 2020 15:38:19 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 28-Jul-2020 15:53:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 28 Jul 2020 15:38:19 GMT
cache-control: private

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
709 B 67ms
65ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1595950699411204413267
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78c0c897055ede92bf8c809c1b158c240addc0fbd1422855ae587ce9c8241460

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3808604a-b044-4db1-94f9-d5ecb7a9b9b9
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac2ba600000d4620238200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b9fafbf79e70d46-ARN

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: https://paste.co.id

Response headers

date: Mon, 27 Jul 2020 11:36:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 100904
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 27 Jul 2021 11:36:35 GMT

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame F24A 186 B
404 B 61ms
60ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=159595069941815912858
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: dd3d98bf-e16c-47f7-9b47-3224e578c555
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0437ac2bac00000d4620239200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b9fafbf79f40d46-ARN

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 48ms
43ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 2451
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 0437ac2bc300000d4620240200000001
cf-ray: 5b9fafbf9a990d46-ARN

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZkMzViOWNiZmM0MjljYTA3MWZkOWMzM2NhY2NmNTIwLmpwZWc*.webp
s-img.mgid.com/g/4023131/370x200/0x0x900x600/ 14 KB
15 KB 56ms
51ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4023131/370x200/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZkMzViOWNiZmM0MjljYTA3MWZkOWMzM2NhY2NmNTIwLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d62c4355126e1bfee583dec6642a9d469ca8b94a4711bc1460877db5faa54cf

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:19 GMT
cf-cache-status: HIT
age: 5996471
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14788
cf-request-id: 0437ac2bc300000d462023d200000001
last-modified: Fri, 24 Apr 2020 17:41:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5b9fafbf9a910d46-ARN
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2UxYjE3OTQ4ZjBmNjQxNzA2NWEzYzY4OGUwZDVhYmRjLmpwZz90PTE0OTc5ODE2MzgxODc*.webp
s-img.mgid.com/g/3805479/370x200/98x0x946x630/ 9 KB
9 KB 45ms
41ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805479/370x200/98x0x946x630/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2UxYjE3OTQ4ZjBmNjQxNzA2NWEzYzY4OGUwZDVhYmRjLmpwZz90PTE0OTc5ODE2MzgxODc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1199416d75e5b7a9eebf1f895144412e05ba49a825d569c526e8b767a10859f

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:19 GMT
cf-cache-status: HIT
age: 2153249
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8786
cf-request-id: 0437ac2bc300000d462023f200000001
last-modified: Wed, 13 May 2020 17:03:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5b9fafbf9a960d46-ARN

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTEwLzE3NTY4NS8xNjY1NWExMGE4NzNmYzgyNmM2OGYzMDJhY2VlNGJjZC5qcGc*.webp
s-img.mgid.com/g/4415110/370x200/0x0x744x496/ 13 KB
13 KB 48ms
44ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4415110/370x200/0x0x744x496/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTEwLzE3NTY4NS8xNjY1NWExMGE4NzNmYzgyNmM2OGYzMDJhY2VlNGJjZC5qcGc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d49515734975820064a5af98f66019156e0868524c9995d770a08bd6ba87c5cc

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:19 GMT
cf-cache-status: HIT
age: 987094
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13506
cf-request-id: 0437ac2bc300000d462023c200000001
last-modified: Fri, 07 Feb 2020 09:24:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5b9fafbf9a8f0d46-ARN
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjQvMTAxOTI0LzkzYTNkMWZiMzk4YmZkOTZlYzU4NjkyMTc2ZTg1ZWNmLmpwZz90PTE0ODc5MzQ4NjEzODI*.webp
s-img.mgid.com/g/3805450/370x200/0x0x492x328/ 11 KB
11 KB 51ms
47ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805450/370x200/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjQvMTAxOTI0LzkzYTNkMWZiMzk4YmZkOTZlYzU4NjkyMTc2ZTg1ZWNmLmpwZz90PTE0ODc5MzQ4NjEzODI*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8e6a2fdcf53a03f0fd5965379a8e2d4976abb37bd160a1ddea6bd8141de4744

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:19 GMT
cf-cache-status: HIT
age: 1150732
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11462
cf-request-id: 0437ac2bc300000d462023e200000001
last-modified: Sun, 28 Jun 2020 07:21:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5b9fafbf9a930d46-ARN

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 1F7F 0
0 25ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/wpwbjv7xEy
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/wpwbjv7xEy

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Thu, 23 Jul 2020 14:55:25 GMT
expires: Fri, 23 Jul 2021 14:55:25 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 434574
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 8E3D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

200ms
69ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1595950699411204413267
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/wpwbjv7xEy
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/wpwbjv7xEy

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Sat, 25 Jul 2020 03:11:37 GMT
Content-Encoding: gzip
Content-Length: 9469
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=24745
Expires: Tue, 28 Jul 2020 22:30:44 GMT
Date: Tue, 28 Jul 2020 15:38:19 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Tue, 28 Jul 2020 15:38:19 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azZzamlzUTNtbUM4&muidn=k6sjisQ3mmC8
https://cm.mgid.com/google?muidn=k6sjisQ3mmC8&google_ula={guid},5&google_gid=CAESEF4ft4WBF8wJCNJIGfGZ8nc&google_cver=1

0
99 B

62ms
62ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k6sjisQ3mmC8&google_ula={guid},5&google_gid=CAESEF4ft4WBF8wJCNJIGfGZ8nc&google_cver=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b9fafc1ae9c0d46-ARN
content-type: text/plain
cf-request-id: 0437ac2d0b00000d4620257200000001

Redirect headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k6sjisQ3mmC8&google_ula={guid},5&google_gid=CAESEF4ft4WBF8wJCNJIGfGZ8nc&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=dd00e287-1f92-4363-8e1f-363147309c4a&ttl=1598542699

43 B
374 B

61ms
61ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=dd00e287-1f92-4363-8e1f-363147309c4a&ttl=1598542699
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 64e93455-facf-472a-bda8-7da599b12c77
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b9fafc11d960d46-ARN
content-type: image/gif
cf-request-id: 0437ac2cb200000d462024d200000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=dd00e287-1f92-4363-8e1f-363147309c4a&ttl=1598542699
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=uMQh6DzT0z4c.AikABlFzlhMUAQ&expires=30&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=31b58381-d475-44e7-bb4e-d7e6d514a0d8

43 B
368 B

62ms
61ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=31b58381-d475-44e7-bb4e-d7e6d514a0d8
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:20 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: b5b77dda-819a-45c6-a7c6-e97bb2b1a932
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b9fafc3ba5b0d46-ARN
content-type: image/gif
cf-request-id: 0437ac2e5500000d462026c200000001
server: cloudflare

Redirect headers

status: 302
date: Tue, 28 Jul 2020 15:38:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=31b58381-d475-44e7-bb4e-d7e6d514a0d8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 140ms
60ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k6sjisQ3mmC8
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b9fafc0bd6c0d42-ARN
content-type: image/gif
cf-request-id: 0437ac2c7100000d427bacf200000001

GET
H/1.1

200
OK

/
b.admedia.com/sync/uid/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k6sjisQ3mmC8
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k6sjisQ3mmC8
https://pixel.s3xified.com/dspsync/?pid=bidswitch&buid=31b58381-d475-44e7-bb4e-d7e6d514a0d8
https://b.admedia.com/sync/uid/?uid=0baa9a417f5d50f5d2c16b0c420034ab

0
317 B

824ms
203ms

Image
text/html

204.44.79.1
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.admedia.com/sync/uid/?uid=0baa9a417f5d50f5d2c16b0c420034ab
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.44.79.1 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS
Software: nginx / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 28 Jul 2020 15:38:20 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Transfer-Encoding: chunked
Content-Type: text/html

Redirect headers

Location: //b.admedia.com/sync/uid/?uid=0baa9a417f5d50f5d2c16b0c420034ab
Date: Tue, 28 Jul 2020 15:38:20 GMT
Server: openresty
Connection: keep-alive
Content-Length: 158
Content-Type: text/html

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=jzkRgECPyRzAFvBcM2iq&pi=mgid&tc=1

43 B
226 B

63ms
63ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=jzkRgECPyRzAFvBcM2iq&pi=mgid&tc=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 0144d884-831f-4eb0-8257-099d1be14be6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b9fafc1cec70d46-ARN
content-type: image/gif
cf-request-id: 0437ac2d1a00000d462025a200000001
server: cloudflare

Redirect headers

status: 302
pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT, Tue, 28 Jul 2020 15:38:19 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=jzkRgECPyRzAFvBcM2iq&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=c29eb3af-6d77-4149-b9b4-b4773e5c0a75

43 B
258 B

63ms
63ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=c29eb3af-6d77-4149-b9b4-b4773e5c0a75
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:20 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 3e3df705-c2b9-4b41-a98b-3b0759121ec6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b9fafc53ce10d46-ARN
content-type: image/gif
cf-request-id: 0437ac2f4100000d4620273200000001
server: cloudflare

Redirect headers

date: Tue, 28 Jul 2020 15:38:20 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=c29eb3af-6d77-4149-b9b4-b4773e5c0a75
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
328 B 172ms
53ms Image
image/gif 23.105.245.4
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k6sjisQ3mmC8
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.4 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:19 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET tr.php
udata.mixmarket.biz/ Frame F24A 0
0

GET
H2 200 c
c.mgid.com/ 43 B
155 B 64ms
61ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=153|83|8|-3n6iR01ESclGOl6W70TGR39ikwOp3C_vzsRg9rh3bualVRjhOShumb7hgqISLn2&fw=1&extjs=66046&v=153|83|8|-3n6iR01ESclGOl6W70TGb8z1-F_2AhBTOyf8x-HVEFsDqcnErazD3RTmBkrbafT&v=153|83|8|-3n6iR01ESclGOl6W70TGWXC0EgmkF_-jFw3DKpns1bgJpNs2YNhF01EIoBe0R3n&v=153|83|8|-3n6iR01ESclGOl6W70TGXt3-9NX6oQSPOb1PKePpBZs7TmvxdkDZNgkMQL0GyWz&imgdim=1&cid=914924&h2=5MWq598qR6js0xIIWWtwrPN-fy5S3o8nVYjDcujLCRw*&rid=5ca36dd6-d0e8-11ea-ab6c-d094662c24f7&tt=Direct&pageImp=1&muid=k6sjisQ3mmC8&cbuster=1595950700642976485532&tpl=0
Requested by: Host: paste.co.id
URL: https://paste.co.id/wpwbjv7xEy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:20 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 9891585d-1cd1-4322-b051-e381d4201551
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5b9fafc728680d46-ARN
content-type: image/gif
cf-request-id: 0437ac307700000d462027f200000001
server: cloudflare

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 37ms
18ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200723&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa45fd470516f10892f9ad9fb3c9e354216c237d91e2acda77c9e8388df724c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jul 2020 15:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5657
x-xss-protection: 0

POST
H2 200 v2jqeBaiMxBskOpVNAE12-NTmY04gUCdHzzpYwa4-LLGTTuNb4iuSwSGpUdUJwy9fCoAUTeMZ Show response
lovelydrum.com/ 216 B
609 B 230ms
80ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/v2jqeBaiMxBskOpVNAE12-NTmY04gUCdHzzpYwa4-LLGTTuNb4iuSwSGpUdUJwy9fCoAUTeMZ

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

a9c19a84048c24efa977ce6caa30c41676aff53b4ba270391986430edc53b5d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Tue, 28 Jul 2020 15:38:21 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: taylor
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 28 Jul 2020 15:38:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 28 Jul 2020 15:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Tue, 28 Jul 2020 15:38:21 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 12A5 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/wpwbjv7xEy
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/wpwbjv7xEy

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Tue, 28 Jul 2020 14:43:47 GMT
expires: Wed, 28 Jul 2021 14:43:47 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3274
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200723&jk=188883154829049&bg=!_f6l_uZYucUgFMdhTlkCAAAASVIAAAASmQGCUFvDpebx5IvGOXd4se_npgcakcn_F8-Ent0O9jmqZCX6ftMCxdTHxPm09Gb__rkwwNwxkzpcbSJBz7sNf1kQCuBXGXTFlhsUFwnTmbE5IimBIcBHj-G5DdcPqYYKwwyF-eimd1ooteCZST6iqbC7XCxjZw8O6BjuUFkVXGACtz8XWPL8Se5VYCDgz1kGvMye4FWI5rPWsROJZv-sP5vXb8lz3cqVgxR5COoOeQfem-HJ0N3n6FQTacJcpGsaZZUrDPuo5LwDRHnOYciOH9qdT9umMLmx4j9htLaADDSttdqFqH7yqDdYXtBqkH1Y1G1RAzs1VOvhln3nRV-P2hroqrMwbz-UFQU3BfQ3Q0kfJKYjNZefyBfGWCD4rTcMs4U9Oh_Motg8S_xDYgACAALeT_jnkRB-LX0L9GmK7OGSZjEmwFpAZrhoXIwqA2SdZxhXSLV7DhYQ2gY8BoBUO3fIwf9DX4lZGbbzOnQrJwhcgSkCk_RgnoGY1M_xtqyq5j7Ht4o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/wpwbjv7xEy
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jul 2020 15:38:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: udata.mixmarket.biz
URL: https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
eus.rubiconproject.com/	1970-01-19 13:28:46	Name: pux Value: 1512%3D92680%262231%3D92680%262249%3D92680%262307%3D92680%262974%3D92680%263778%3D92680%26idl%3D92680%26goog%3D92680%26
.doubleclick.net/	1970-01-19 20:40:46	Name: IDE Value: AHWqTUny-q2QPlQt92PwbH17v5LYqQGSWCyMgO9u6-coEeHc_0cxUOX_OPfv5kop
paste.co.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C914924%22%3A%7B%22page%22%3A1%2C%22time%22%3A1595950699409%7D%7D
.paste.co.id/	1970-01-19 11:20:37	Name: _gid Value: GA1.3.1748550238.1595950699
.paste.co.id/	1970-01-20 04:50:22	Name: _ga Value: GA1.3.1358644517.1595950699
.rubiconproject.com/	1970-01-19 20:04:46	Name: audit Value: 1\|z7vQ+u3xKS/jzrxdrXqgaURUXJx0Gk+puXoeb5gICqn7r3lacSpGop19cMp0XcSPgvCllmQ/PzciZ07GJqnMno4BjqNRGrmz
.rubiconproject.com/	1970-01-19 20:04:46	Name: khaos Value: KD63U9HL-C-KWGF
.paste.co.id/	1970-01-19 11:19:10	Name: _gat_gtag_UA_137362802_1 Value: 1
.paste.co.id/	1970-01-19 12:02:22	Name: __cfduid Value: df576b1040d23b3164fcaaf5cdfe024bd1595950698

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js(Line 9) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
ams.creativecdn.com
b.admedia.com
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.shields.io
jsc.mgid.com
lovelydrum.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
paste.co.id
pixel.s3xified.com
px.adhigh.net
rtb-usw.mfadsrvr.com
s-img.mgid.com
secure-assets.rubiconproject.com
servicer.mgid.com
stats.g.doubleclick.net
tpc.googlesyndication.com
udata.mixmarket.biz
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
udata.mixmarket.biz
104.111.230.142
104.16.221.74
104.19.133.78
136.243.75.11
172.217.21.230
185.184.8.30
2001:4de0:ac19::1:b:2b
204.44.79.1
216.58.212.130
23.105.245.4
2606:4700:3034::ac43:813c
2606:4700:3037::ac43:ae34
2606:4700::6810:84e5
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:818::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2002
2a00:1450:400c:c0a::9b
35.157.13.31
35.190.91.111
35.212.212.222
52.215.98.88
67.231.251.189
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
13f49578079ce90bfc63c1d271af36739f07745ff0b709361ad2c1e43e53a39b
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1d62c4355126e1bfee583dec6642a9d469ca8b94a4711bc1460877db5faa54cf
2468d0067cd2ed6950aaefc1ec974a9137a00cd6827cb4ce982ca48311456c64
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cbb8c8c4fecc1e3bf99aaa7c00d6cf8a4c49355d99be577e773c3e0abfd0bfa
2feeef80d351bc2ca672f0eb2a18a732bb4869aa29a26d81cf1a19f2c532063c
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
44288f73f147364037a1125b227d89a6dbb9cd022e92b235dc7f06cbd84e7fc9
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55ec4b7938698c5998ba1090318f0740816a59b514968392092e0eb98b5364cc
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
59d3b0f41ff8ed0ab160bbe4df8c72cfcbd729ee6e97f23c1a8ff1913b78ad52
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
748851c4d2e38c4f7587afb6b6e54dfc26e7329018d27911115f1840e251d4a8
78c0c897055ede92bf8c809c1b158c240addc0fbd1422855ae587ce9c8241460
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6
84205b72580bff351eca502f9184cfac70f0f4ff4ae4456cfa8f81d34aa000d8
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8c84459f0c92349eac14ab94fa19f3dace511b376e32e84cf3b41e96a67730ff
921e018e4be04fba8a1975fcb32b8e64d034160dcb6354c30f616c3bd9196e82
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a199cb40ea76c8c39fcc6bad8c8297799fdc20e8586a58a1b1650267805f30db
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
a9c19a84048c24efa977ce6caa30c41676aff53b4ba270391986430edc53b5d2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b1199416d75e5b7a9eebf1f895144412e05ba49a825d569c526e8b767a10859f
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
bf8eeec0243213e8b5d4caf858a57977c915a8d8b004991ba9260603d2c0d920
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c8e6a2fdcf53a03f0fd5965379a8e2d4976abb37bd160a1ddea6bd8141de4744
d49515734975820064a5af98f66019156e0868524c9995d770a08bd6ba87c5cc
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
e15158fa64838e18b0fb92ace523a4e4340d33667bc5a3aa529ded44cb94dd56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f96c53b9b03f4b4ab67841c2ffd39ec588c945206edb5d8f6e7725859e29f69d
fa45fd470516f10892f9ad9fb3c9e354216c237d91e2acda77c9e8388df724c2
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

paste.co.id Open in urlscan Pro 2606:4700:3037::ac43:ae34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

70 Requests

99 %HTTPS

52 %IPv6

26 Domains

39 Subdomains

21 IPs

7 Countries

982 kBTransfer

2590 kBSize

9 Cookies

24 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
2606:4700:3037::ac43:ae34 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

99 %
HTTPS

52 %
IPv6

26
Domains

39
Subdomains

21
IPs

7
Countries

982 kB
Transfer

2590 kB
Size

9
Cookies

70 HTTP transactions
5 data transactions