paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

URL:
https://paste.co.id/zV1kIZd6FW
Submission: On May 02 via manual (May 2nd 2021, 4:19:34 pm UTC) from ID

Summary HTTP 143 Redirects Links 83 Behaviour Indicators

Summary

This website contacted 44 IPs in 5 countries across 39 domains to perform 143 HTTP transactions. The main IP is 5.189.137.168, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is paste.co.id.
TLS certificate: Issued by R3 on April 21st 2021. Valid for: 3 months.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	5.189.137.168 5.189.137.168	51167 (CONTABO) (CONTABO)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
10	139.45.196.209 139.45.196.209	9002 (RETN-AS) (RETN-AS)
19	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.203.125.88 109.203.125.88	31727 (NODE4-AS) (NODE4-AS)
1	173.249.18.21 173.249.18.21	51167 (CONTABO) (CONTABO)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4b09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	139.45.196.136 139.45.196.136	9002 (RETN-AS) (RETN-AS)
5	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
3	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
11	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 3	99.86.149.45 99.86.149.45	16509 (AMAZON-02) (AMAZON-02)
2	139.45.197.156 139.45.197.156	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4b21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
5 5	18.195.177.11 18.195.177.11	16509 (AMAZON-02) (AMAZON-02)
1	54.67.80.248 54.67.80.248	16509 (AMAZON-02) (AMAZON-02)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
2 2	3.127.166.11 3.127.166.11	16509 (AMAZON-02) (AMAZON-02)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	139.45.197.14 139.45.197.14	9002 (RETN-AS) (RETN-AS)
5	2606:4700:10:... 2606:4700:10::6816:1974	13335 (CLOUDFLAR...) (CLOUDFLARENET)
143	44

16 5.189.137.168 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi465240.contaboserver.net

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.209 (United Kingdom)

ASN9002 (RETN-AS, GB)

seeptoag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.125.88 (United Kingdom)

ASN31727 (NODE4-AS, GB)

www.qrcoder.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.249.18.21 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)

berkas.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b09 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.136 (United Kingdom)

ASN9002 (RETN-AS, GB)

pseepsie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.149.45 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.156 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b21 (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.143.124 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.177.11 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.67.80.248 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-80-248.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.166.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.14 (United Kingdom)

ASN9002 (RETN-AS, GB)

dutorterraom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:1974 (United States)

ASN13335 (CLOUDFLARENET, US)

ipp.littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	mgid.com jsc.mgid.com cdn.mgid.com c.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	376 KB
16	paste.co.id paste.co.id	412 KB
10	seeptoag.net seeptoag.net	66 KB
8	google.com adservice.google.com www.google.com	36 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net	7 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	155 KB
6	inpagepush.com inpagepush.com	63 KB
5	littlecdn.com ipp.littlecdn.com littlecdn.com	302 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	toglooman.com toglooman.com	123 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	gstatic.com fonts.gstatic.com	60 KB
4	cloudflare.com cdnjs.cloudflare.com	49 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	rtmark.net my.rtmark.net	2 KB
3	google.de adservice.google.de www.google.de	1 KB
3	onmarshtompor.com onmarshtompor.com	1 KB
3	pseepsie.com pseepsie.com	46 KB
2	dutorterraom.com dutorterraom.com	651 B
2	wowreality.info o.wowreality.info	398 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	757 B
2	cdnativepush.com static.cdnativepush.com	28 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	googletagmanager.com www.googletagmanager.com	70 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	idealmedia.io cm.idealmedia.io	555 B
1	postrelease.com jadserve.postrelease.com	427 B
1	lentainform.com cm.lentainform.com	623 B
1	lalaping.com static.lalaping.com	33 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	640 B
1	bedrapiona.com bedrapiona.com	2 KB
1	iclickcdn.com iclickcdn.com	19 KB
1	berkas.co berkas.co	4 KB
1	qrcoder.co.uk www.qrcoder.co.uk
143	39

	Domain	Requested by
16	paste.co.id	paste.co.id cdnjs.cloudflare.com
12	s-img.mgid.com	paste.co.id
10	seeptoag.net	paste.co.id seeptoag.net
7	cm.mgid.com	jsc.mgid.com paste.co.id
6	www.google.com	paste.co.id
6	inpagepush.com	paste.co.id iclickcdn.com inpagepush.com
5	x.bidswitch.net	5 redirects
5	toglooman.com	iclickcdn.com toglooman.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	paste.co.id pagead2.googlesyndication.com tpc.googlesyndication.com
4	ipp.littlecdn.com
4	c.mgid.com	jsc.mgid.com paste.co.id
4	fonts.gstatic.com	fonts.googleapis.com
4	cdnjs.cloudflare.com	paste.co.id
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com paste.co.id
3	my.rtmark.net	inpagepush.com onmarshtompor.com paste.co.id
3	servicer.mgid.com	jsc.mgid.com
3	onmarshtompor.com	iclickcdn.com
3	pseepsie.com	iclickcdn.com pseepsie.com
2	dutorterraom.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	o.wowreality.info	static.lalaping.com
2	creativecdn.com	2 redirects
2	match.adsrvr.org	2 redirects
2	prod.perf-serving.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	static.cdnativepush.com	paste.co.id inpagepush.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdn.mgid.com	paste.co.id
2	fonts.googleapis.com	paste.co.id
2	www.googletagmanager.com	paste.co.id www.googletagmanager.com
2	jsc.mgid.com	paste.co.id
2	maxcdn.bootstrapcdn.com	paste.co.id maxcdn.bootstrapcdn.com
1	littlecdn.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	www.google.de	paste.co.id
1	stats.g.doubleclick.net	www.google-analytics.com
1	cm.idealmedia.io	paste.co.id
1	jadserve.postrelease.com	paste.co.id
1	cm.g.doubleclick.net	1 redirects
1	cm.lentainform.com	paste.co.id
1	secure-assets.rubiconproject.com	1 redirects
1	static.lalaping.com	toglooman.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bedrapiona.com	iclickcdn.com
1	iclickcdn.com	paste.co.id
1	berkas.co	paste.co.id
1	www.qrcoder.co.uk	paste.co.id
143	52

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
digg.com
www.bigmarker.com
www.geogebra.org
www.csiresources.org
myirishcousin.com
connect.informs.org
www.slipstreamti.com
teacher.desmos.com
www.getrevue.co
lu.ma
twitter.com
vrip.unmsm.edu.pe
medium.com
berkas.co

Subject Issuer	Validity	Valid
www.paste.co.id R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
inpagepush.com R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
seeptoag.net R3	`2021-03-04` - `2021-06-02`	3 months	crt.sh
qrcoder.co.uk cPanel, Inc. Certification Authority	`2021-03-14` - `2021-06-12`	3 months	crt.sh
berkas.co R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
bedrapiona.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
pseepsie.com R3	`2021-03-09` - `2021-06-07`	3 months	crt.sh
toglooman.com R3	`2021-03-13` - `2021-06-11`	3 months	crt.sh
onmarshtompor.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
cdnativepush.com R3	`2021-04-25` - `2021-07-24`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
wowreality.info R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
dutorterraom.com R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://paste.co.id/zV1kIZd6FW
Frame ID: D757BA5ECF9ECF015EB2A536FC2631D4
Requests: 118 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Frame ID: A15E68116C3A44825CA5E3059204E7D3
Requests: 1 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=6f5dd06c00e6478a950302e9f169f910&oaidts=1619972352
Frame ID: 3F7F8F9AE9CCDA80F3FC5665B45F87D7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1619972353&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972352576&bpp=14&bdt=397&idt=575&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2569118628412&frm=20&pv=2&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=602
Frame ID: 1F9F80EF7877CFBC22BD6BA2243A8F32
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1619972353712153807524
Frame ID: E8203A3DC90390E33C0FF602134C37EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1619972353&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972353852&bpp=5&bdt=1673&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2569118628412&frm=20&pv=1&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=b77K1O5yBW&p=https%3A//paste.co.id&dtd=24
Frame ID: 84E7D4E5C9FED9AC0A6EB2B678D6C174
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1619972353&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972353852&bpp=2&bdt=1673&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=2569118628412&frm=20&pv=1&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=sAbeCgBStt&p=https%3A//paste.co.id&dtd=32
Frame ID: AA2B9AFF2F0E4A49E8A399B829CF6A54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619972353&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972353852&bpp=1&bdt=1673&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=2569118628412&frm=20&pv=1&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lYeoe5GCAd&p=https%3A//paste.co.id&dtd=36
Frame ID: 224AE69C85C86E0D9A7C917A4F3EA601
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 92E953AB8C5B3188B4A06652B35D250F
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: FEB7577742314EC2FB1BFBAFF2564F7B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3739F55FDD88D9FC52145501FE8D06B2
Requests: 2 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/cc/cc/0c/1a8aa84aff37b8d69d64e925e1/0909225031573.png
Frame ID: 63B90173E4D4AE0423E4BFA1DACE3B3C
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

143
Requests

100 %
HTTPS

42 %
IPv6

39
Domains

52
Subdomains

44
IPs

5
Countries

2003 kB
Transfer

4469 kB
Size

7
Cookies

83 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997452
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164901/i/57333099/0/pp/1/1?h=PXXscu1vxIeKyCahUybb7wQ9fZIFg9REfvObwWDHT1xmvRvMfJeS9ZCs0wmnPbrO&rid=22111732-ab62-11eb-90c5-d094662c24f7&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164899/i/57333099/0/pp/2/1?h=PXXscu1vxIeKyCahUybb73JNW9ayGy7zZEokCdeDL0Tx1Bya8pHBEz1Un6yBD-8Z&rid=22111732-ab62-11eb-90c5-d094662c24f7&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164919/i/57333099/0/pp/3/1?h=PXXscu1vxIeKyCahUybb76XAGHBVcQTuX5R66IT4p5TPDdAKV3qFrfqnzkbj5B-f&rid=22111732-ab62-11eb-90c5-d094662c24f7&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164865/i/57333099/0/pp/4/1?h=PXXscu1vxIeKyCahUybb7-UjhAmL1ifEPjOJdKd_YtDIulDzxjpwg8ykK7UOQ86A&rid=22111732-ab62-11eb-90c5-d094662c24f7&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://digg.com/
Title: https://digg.com/

Search URL Search Domain Scan URL

URL: https://www.bigmarker.com/kjaga543/Cliff-Walkers-2021-HD
Title: https://www.bigmarker.com/kjaga543/Cliff-Walkers-2021-HD

Search URL Search Domain Scan URL

URL: https://www.bigmarker.com/version4k/Cliff-Walkers-2021-HD
Title: https://www.bigmarker.com/version4k/Cliff-Walkers-2021-HD

Search URL Search Domain Scan URL

URL: https://www.bigmarker.com/stephaniebolger/Dynasty-Warriors-2021-HD
Title: https://www.bigmarker.com/stephaniebolger/Dynasty-Warriors-2021-HD

Search URL Search Domain Scan URL

URL: https://www.bigmarker.com/irisbryson/Dynasty-Warriors-2021-ZH-HK
Title: https://www.bigmarker.com/irisbryson/Dynasty-Warriors-2021-ZH-HK

Search URL Search Domain Scan URL

URL: https://www.bigmarker.com/michelleshiflet/Dynasty-Warriors-2021-HD
Title: https://www.bigmarker.com/michelleshiflet/Dynasty-Warriors-2021-HD

Search URL Search Domain Scan URL

URL: https://www.bigmarker.com/floydgibbs15/Voyagers-2021-HD
Title: https://www.bigmarker.com/floydgibbs15/Voyagers-2021-HD

Search URL Search Domain Scan URL

URL: https://www.bigmarker.com/ralphwallace/Voyagers-2021-ZH-HK
Title: https://www.bigmarker.com/ralphwallace/Voyagers-2021-ZH-HK

Search URL Search Domain Scan URL

URL: https://www.bigmarker.com/stellahaire4/Voyagers-2021-TW-ZH
Title: https://www.bigmarker.com/stellahaire4/Voyagers-2021-TW-ZH

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/me6mfvyb
Title: https://www.geogebra.org/m/me6mfvyb

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/nmjnunez
Title: https://www.geogebra.org/m/nmjnunez

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/nkkuafgn
Title: https://www.geogebra.org/m/nkkuafgn

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/ghxke79f
Title: https://www.geogebra.org/m/ghxke79f

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/yebtterz
Title: https://www.geogebra.org/m/yebtterz

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/qppsaagy
Title: https://www.geogebra.org/m/qppsaagy

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/petzekhm
Title: https://www.geogebra.org/m/petzekhm

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/uk6vatmh
Title: https://www.geogebra.org/m/uk6vatmh

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/a9q4rt9n
Title: https://www.geogebra.org/m/a9q4rt9n

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/mgynav3y
Title: https://www.geogebra.org/m/mgynav3y

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/uczue2rj
Title: https://www.geogebra.org/m/uczue2rj

Search URL Search Domain Scan URL

URL: https://www.geogebra.org/m/tpbvv8jz
Title: https://www.geogebra.org/m/tpbvv8jz

Search URL Search Domain Scan URL

URL: https://www.csiresources.org/network/members/profile?UserKey=549bcfff-74e9-4dc0-b922-bfbe89b775cd
Title: https://www.csiresources.org/network/members/profile?UserKey=549bcfff-74e9-4dc0-b922-bfbe89b775cd

Search URL Search Domain Scan URL

URL: https://www.csiresources.org/network/members/profile?UserKey=d6be134d-91dd-4fc1-ae66-e68d8dc18d71
Title: https://www.csiresources.org/network/members/profile?UserKey=d6be134d-91dd-4fc1-ae66-e68d8dc18d71

Search URL Search Domain Scan URL

URL: https://www.csiresources.org/network/members/profile?UserKey=a7c9c887-1756-43b8-ad05-af00232c300d
Title: https://www.csiresources.org/network/members/profile?UserKey=a7c9c887-1756-43b8-ad05-af00232c300d

Search URL Search Domain Scan URL

URL: https://www.csiresources.org/network/members/profile?UserKey=9c86ea23-8ba4-4af0-8023-80fc6fd30ead
Title: https://www.csiresources.org/network/members/profile?UserKey=9c86ea23-8ba4-4af0-8023-80fc6fd30ead

Search URL Search Domain Scan URL

URL: https://myirishcousin.com/community/forums/profile/cliff-walkers-2021-version-zh/
Title: https://myirishcousin.com/community/forums/profile/cliff-walkers-2021-version-zh/

Search URL Search Domain Scan URL

URL: https://myirishcousin.com/community/forums/profile/dynasty-warriors-2021-hd/
Title: https://myirishcousin.com/community/forums/profile/dynasty-warriors-2021-hd/

Search URL Search Domain Scan URL

URL: https://myirishcousin.com/community/forums/profile/dynasty-warriors-2021-duckling/
Title: https://myirishcousin.com/community/forums/profile/dynasty-warriors-2021-duckling/

Search URL Search Domain Scan URL

URL: https://myirishcousin.com/community/forums/profile/voyagers-version-4k/
Title: https://myirishcousin.com/community/forums/profile/voyagers-version-4k/

Search URL Search Domain Scan URL

URL: https://myirishcousin.com/community/forums/profile/voyagers-2021-version-tw/
Title: https://myirishcousin.com/community/forums/profile/voyagers-2021-version-tw/

Search URL Search Domain Scan URL

URL: https://connect.informs.org/network/members/profile?UserKey=9b72f35c-4e80-4e84-bfba-8802a220b0be
Title: https://connect.informs.org/network/members/profile?UserKey=9b72f35c-4e80-4e84-bfba-8802a220b0be

Search URL Search Domain Scan URL

URL: https://connect.informs.org/network/members/profile?UserKey=ea3e0653-bca2-4274-aa8e-39ac2ad61000
Title: https://connect.informs.org/network/members/profile?UserKey=ea3e0653-bca2-4274-aa8e-39ac2ad61000

Search URL Search Domain Scan URL

URL: https://connect.informs.org/network/members/profile?UserKey=668805ed-74bf-4153-8af5-ca612911dd77
Title: https://connect.informs.org/network/members/profile?UserKey=668805ed-74bf-4153-8af5-ca612911dd77

Search URL Search Domain Scan URL

URL: https://connect.informs.org/network/members/profile?UserKey=f8f5fdd3-8cc4-437a-9aa0-059628e7da17
Title: https://connect.informs.org/network/members/profile?UserKey=f8f5fdd3-8cc4-437a-9aa0-059628e7da17

Search URL Search Domain Scan URL

URL: https://connect.informs.org/network/members/profile?UserKey=464a5ff3-d119-45d5-ab91-0359d6007500
Title: https://connect.informs.org/network/members/profile?UserKey=464a5ff3-d119-45d5-ab91-0359d6007500

Search URL Search Domain Scan URL

URL: https://connect.informs.org/network/members/profile?UserKey=44ffaf94-6de2-42c6-b1e7-2aa83736f11b
Title: https://connect.informs.org/network/members/profile?UserKey=44ffaf94-6de2-42c6-b1e7-2aa83736f11b

Search URL Search Domain Scan URL

URL: https://connect.informs.org/network/members/profile?UserKey=96e6f10a-9029-4e9a-b361-aa408898d6c1
Title: https://connect.informs.org/network/members/profile?UserKey=96e6f10a-9029-4e9a-b361-aa408898d6c1

Search URL Search Domain Scan URL

URL: https://connect.informs.org/network/members/profile?UserKey=25487cad-bb32-4925-9255-6e8dc3c6877a
Title: https://connect.informs.org/network/members/profile?UserKey=25487cad-bb32-4925-9255-6e8dc3c6877a

Search URL Search Domain Scan URL

URL: https://www.slipstreamti.com/forum/what-s-your-favorite-show/xuan-ya-zhi-shang-cliff-walkers-xian-shang-kan-wan-zheng-ban-2021-dian-ying-zai-xian-hd-guan-kan-he-xia-zai-1
Title: https://www.slipstreamti.com/forum/what-s-your-favorite-show/xuan-ya-zhi-shang-cliff-walkers-xian-shang-kan-wan-zheng-ban-2021-dian-ying-zai-xian-hd-guan-kan-he-xia-zai-1

Search URL Search Domain Scan URL

URL: https://www.slipstreamti.com/forum/what-s-your-favorite-show/xia-zai-dian-ying-zhen-san-guo-wu-shuang-dynasty-warriors-2021-zai-xian-dian-ying-pei-yin-zi-mu-zh-hk-1
Title: https://www.slipstreamti.com/forum/what-s-your-favorite-show/xia-zai-dian-ying-zhen-san-guo-wu-shuang-dynasty-warriors-2021-zai-xian-dian-ying-pei-yin-zi-mu-zh-hk-1

Search URL Search Domain Scan URL

URL: https://www.slipstreamti.com/forum/what-s-your-favorite-show/voyagers-yi-ji-ren-wu-2021-hd-wan-zheng-ban-ben-zh-hk
Title: https://www.slipstreamti.com/forum/what-s-your-favorite-show/voyagers-yi-ji-ren-wu-2021-hd-wan-zheng-ban-ben-zh-hk

Search URL Search Domain Scan URL

URL: https://www.slipstreamti.com/forum/who-do-you-love/voyagers-yi-ji-ren-wu-2021-xian-shang-kan-xiao-ya-wan-zheng-ban
Title: https://www.slipstreamti.com/forum/who-do-you-love/voyagers-yi-ji-ren-wu-2021-xian-shang-kan-xiao-ya-wan-zheng-ban

Search URL Search Domain Scan URL

URL: https://www.slipstreamti.com/forum/what-s-your-favorite-show/voyagers-yi-ji-ren-wu-xian-shang-kan-wan-zheng-ban-2021-dian-ying-zai-xian-hd-guan-kan-he-xia-zai
Title: https://www.slipstreamti.com/forum/what-s-your-favorite-show/voyagers-yi-ji-ren-wu-xian-shang-kan-wan-zheng-ban-2021-dian-ying-zai-xian-hd-guan-kan-he-xia-zai

Search URL Search Domain Scan URL

URL: https://teacher.desmos.com/activitybuilder/teacherguide/608ea31bcaec4d6c74601360
Title: https://teacher.desmos.com/activitybuilder/teacherguide/608ea31bcaec4d6c74601360

Search URL Search Domain Scan URL

URL: https://teacher.desmos.com/activitybuilder/teacherguide/608eae6ccaec4d6c74601439
Title: https://teacher.desmos.com/activitybuilder/teacherguide/608eae6ccaec4d6c74601439

Search URL Search Domain Scan URL

URL: https://teacher.desmos.com/activitybuilder/teacherguide/608eb5f45828dd04691892a4
Title: https://teacher.desmos.com/activitybuilder/teacherguide/608eb5f45828dd04691892a4

Search URL Search Domain Scan URL

URL: https://www.getrevue.co/profile/floydgibbs15
Title: https://www.getrevue.co/profile/floydgibbs15

Search URL Search Domain Scan URL

URL: https://www.getrevue.co/profile/blancamcfarland67
Title: https://www.getrevue.co/profile/blancamcfarland67

Search URL Search Domain Scan URL

URL: https://www.getrevue.co/profile/parasit_online
Title: https://www.getrevue.co/profile/parasit_online

Search URL Search Domain Scan URL

URL: https://lu.ma/Voyagers-full-version-tw
Title: https://lu.ma/Voyagers-full-version-tw

Search URL Search Domain Scan URL

URL: https://lu.ma/Voyagers-2021-HD-Version
Title: https://lu.ma/Voyagers-2021-HD-Version

Search URL Search Domain Scan URL

URL: https://lu.ma/Voyagers-2021-Full-version-TW-ZH
Title: https://lu.ma/Voyagers-2021-Full-version-TW-ZH

Search URL Search Domain Scan URL

URL: https://lu.ma/Voyagers-Mission-1-2021-full-version
Title: https://lu.ma/Voyagers-Mission-1-2021-full-version

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388113232431239173
Title: https://twitter.com/i/events/1388113232431239173

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388113811941433346
Title: https://twitter.com/i/events/1388113811941433346

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388114383729938436
Title: https://twitter.com/i/events/1388114383729938436

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388855922647203842
Title: https://twitter.com/i/events/1388855922647203842

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388856545883004928
Title: https://twitter.com/i/events/1388856545883004928

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388857053532233729
Title: https://twitter.com/i/events/1388857053532233729

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388857481686753292
Title: https://twitter.com/i/events/1388857481686753292

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388867484464209924
Title: https://twitter.com/i/events/1388867484464209924

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388868269222756359
Title: https://twitter.com/i/events/1388868269222756359

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388869182830174211
Title: https://twitter.com/i/events/1388869182830174211

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388870604808331267
Title: https://twitter.com/i/events/1388870604808331267

Search URL Search Domain Scan URL

URL: https://twitter.com/i/events/1388872235352346625
Title: https://twitter.com/i/events/1388872235352346625

Search URL Search Domain Scan URL

URL: https://vrip.unmsm.edu.pe/forum/profile/cliff-walkers-version-2021/
Title: https://vrip.unmsm.edu.pe/forum/profile/cliff-walkers-version-2021/

Search URL Search Domain Scan URL

URL: https://vrip.unmsm.edu.pe/forum/profile/cliff-walkers-2021-full-version-hd/
Title: https://vrip.unmsm.edu.pe/forum/profile/cliff-walkers-2021-full-version-hd/

Search URL Search Domain Scan URL

URL: https://medium.com/
Title: https://medium.com/

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193517/i/57333099/0/pp/1/1?h=PXXscu1vxIeKyCahUybb78QnUJe9ob9FKoC1aDs05OneMV3mwnhTMQ9LMyGR4MXo&rid=22119c27-ab62-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193488/i/57333099/0/pp/2/1?h=PXXscu1vxIeKyCahUybb76w0v7UHOVOmY8kbgAoJWp-MkBqqpMeIWtQzx_-Z77p3&rid=22119c27-ab62-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164834/i/57333099/0/pp/3/1?h=PXXscu1vxIeKyCahUybb75IiryF9VlGCc9fG6aKuibt4gBntutk-9q18ordsE-BT&rid=22119c27-ab62-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164883/i/57333099/0/pp/4/1?h=PXXscu1vxIeKyCahUybb709f3wghoXbn9g3DfseEzMr8IguSEUsc2eTDF3FyBuwv&rid=22119c27-ab62-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193504/i/57333099/0/pp/1/1?h=PXXscu1vxIeKyCahUybb73l9U37eMe__mkQeim3tIcvH-YOaA53hJ3rBIZxfY2Ef&rid=221cbaac-ab62-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193521/i/57333099/0/pp/2/1?h=PXXscu1vxIeKyCahUybb73MHpExjR_FzdvwH9ZcMSYArclt_HUbPyQpG-7iryH4E&rid=221cbaac-ab62-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164912/i/57333099/0/pp/3/1?h=PXXscu1vxIeKyCahUybb70gvkr7KUFjmTgE9tKV5B27q2o9QDktPEOG5wkzFh8Ug&rid=221cbaac-ab62-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164871/i/57333099/0/pp/4/1?h=PXXscu1vxIeKyCahUybb7y-M5NoqaEY8XtfW9dXuiD-f_cYHTpD8AUHQFJ8u7wiC&rid=221cbaac-ab62-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://berkas.co/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDQyY0I1cXR2QWo5&muidn=l42cB5qtvAj9 HTTP 302
https://cm.mgid.com/google?muidn=l42cB5qtvAj9&google_ula={guid},5&google_gid=CAESEMRwNdhDofS6GA0E9-OgB9w&google_cver=1

Request Chain 98

https://x.bidswitch.net/sync?dsp_id=303&user_id=l42cB5qtvAj9 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l42cB5qtvAj9 HTTP 302
https://jadserve.postrelease.com/suid/1011?vk=1660c54d-06c9-4eb7-ba1e-398ef1da0eb6

Request Chain 100

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=1388e825-f4fb-4bbe-a73b-3c13fe0fe60d

Request Chain 101

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=cc645e08-df38-46f4-a443-e26b86410ec8&ssp=mgid&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=1660c54d-06c9-4eb7-ba1e-398ef1da0eb6&gdpr=&gdpr_consent=&us_privacy=

Request Chain 102

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=ca01a8eb-ec15-46c3-b9fe-fc73dc3b7a9b&ttl=1622564354

Request Chain 103

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=og6APARDPUWuKk7O0ZGx&pi=mgid&tc=1

Request Chain 119

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1619972354682&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619972354682&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&c9=

143 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request zV1kIZd6FW Show response
paste.co.id/ 85 KB
23 KB 6000ms
5906ms Document
text/html 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed / PHP/7.3.24
Resource Hash: 436845f0115705072e5de39f65e101ba10775334578ec1d0b209f1b857574f8c

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /zV1kIZd6FW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by: PHP/7.3.24
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
set-cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; expires=Sun, 02-May-2021 18:19:12 GMT; Max-Age=7200; path=/; secure pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D; expires=Sun, 02-May-2021 18:19:12 GMT; Max-Age=7200; path=/; httponly; secure
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 May 2021 16:19:12 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 22ms
21ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 3525708
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf7980ca0000bf14ec95f000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 50f270cef956c80b14f61fa9ad96c573
cf-ray: 649291e14e79bf14-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-Q050 200 bootstrap.min.css
paste.co.id/css/ 138 KB
18 KB 140ms
73ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/zV1kIZd6FW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18785
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H3-Q050 200 mdb.min.css
paste.co.id/css/ 226 KB
23 KB 120ms
53ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

:path: /css/mdb.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/zV1kIZd6FW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23078
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 20ms
19ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2001293
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
cf-request-id: 09cf7980cb0000c2900e80a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cUhYjWXdFZK7SwF7BI44DufPLgyQsMsk9y8d6NN02gSHABEBulKEQMlgcwls%2BBL9oqkXO45gxib1JOTW%2Fl2Znyuyaerkg89nYV%2FhvPbzV7kCsOXE6L6G%2FTmAKKswRyyGiA%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 649291e14a62c290-FRA
expires: Fri, 22 Apr 2022 16:19:12 GMT

GET
H3-Q050 200 special.min.css
paste.co.id/css/skins/ 3 KB
921 B 119ms
53ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/skins/special.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Request headers

:path: /css/skins/special.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/zV1kIZd6FW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
last-modified: Wed, 24 Apr 2019 12:08:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 776
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H3-Q050 200 app.min.css
paste.co.id/css/ 648 B
263 B 139ms
73ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/app.min.css?v=1.2
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

:path: /css/app.min.css?v=1.2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/zV1kIZd6FW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
last-modified: Fri, 05 Jun 2020 17:06:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 217
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H3-Q050 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
3 KB 140ms
74ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

:path: /plugins/prismjs/prism-okadia.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/zV1kIZd6FW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:43:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3349
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 48ms
25ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47851
x-xss-protection: 0
server: cafe
etag: 9950050495859225628
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 May 2021 16:19:12 GMT

GET
H2 200 3509488 Show response
inpagepush.com/400/ 82 KB
29 KB 121ms
52ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3509488

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

1be762ca8b026343f192db6cc5b13e8e8247204397b90e86bfd3efb7a8bc0f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: c02ac0a85f1bab11894a57f708a97853
pragma: no-cache
date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK ntfc.php Show response
seeptoag.net/ 14 KB
6 KB 116ms
32ms Script
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/ntfc.php?p=3534037
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 031f00b22a8c37dc6f3a8ea8e33f3d958a579bb1fcddc00c9409a24d1e07c259

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 May 2021 16:19:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-380b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3-Q050 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 72ms
69ms Image
image/png 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/img/default-avatar.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

:path: /img/default-avatar.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/zV1kIZd6FW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
last-modified: Wed, 28 Nov 2018 16:58:44 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6957
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H2 200 paste.co.id.997452.js Show response
jsc.mgid.com/p/a/ 279 KB
69 KB 135ms
88ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eff3e7a084be3c610ab7c8e6f65f858cdcd98d797fa1a3051551b2c618165af

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 3454
cf-polished: origSize=285671
last-modified: Sat, 24 Apr 2021 05:54:59 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EB0G96VDT7BSC3A5
x-amz-id-2: WFiL7zR+4utb7mEWm5ehIK0n/BbsfBigXn+qbBOs0idGg7/2jT0pGyFFFo8MQtOWMCjGq0uMyys=
cf-bgj: minify
server: cloudflare
etag: W/"a2e60b0a1a6d38111104a70d121a5f4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 09cf7981d3000032c51aaa2000000001
cf-ray: 649291e2e92632c5-CDG
expires: Sun, 02 May 2021 19:19:12 GMT

GET
H2 200 paste.co.id.914924.js Show response
jsc.mgid.com/p/a/ 278 KB
69 KB 90ms
42ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c66349b55d5d119b585c2ddf90e9f934d4a2ea9277001e5276763b9db4d99ae7

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 3454
cf-polished: origSize=285004
last-modified: Thu, 22 Apr 2021 10:47:26 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PA38FM0919HEX2Z1
x-amz-id-2: YKQyMdxJhcppqsLGYQTUlRenuV+fGWvMCkJ6nsC8h8AJTQU1sm2wPPi+rgZKl/L7RRvMhGvmRro=
cf-bgj: minify
server: cloudflare
etag: W/"736e373c39b5239eab92f19d9014a4a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 09cf7981d4000032c5a03ca000000001
cf-ray: 649291e2e92b32c5-CDG
expires: Sun, 02 May 2021 19:19:12 GMT

GET
H/1.1 403
Forbidden /
www.qrcoder.co.uk/api/v1/ 0
0 153ms
34ms Image
text/html 109.203.125.88
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 109.203.125.88 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK logo.png
berkas.co/ds1/img/ 4 KB
4 KB 125ms
37ms Image
image/png 173.249.18.21
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://berkas.co/ds1/img/logo.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.249.18.21 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software: nginx/1.16.1 / RHZ SECURITY
Resource Hash: 5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 16:19:12 GMT
ETag: "e5e-5a81d91e86dc0"
Last-Modified: Mon, 15 Jun 2020 11:17:19 GMT
Server: nginx/1.16.1
X-Powered-By: RHZ SECURITY
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3678

GET
H3-29 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
28 KB 13ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3524813
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 09cf79816100004a5cad988000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XqpGRK9hdgCeSB2%2BqPS8GiT5Rqep0piZSmn4TuUkNk6HdTgAj869UppY0IwRVIfipjEaa3RCI5mll9S3Yaio1Flxs1JWL%2BzhTpK3s2Z8gw7%2FKXEvEk4qE0qnZRhpuLh4qw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 649291e23d0d4a5c-FRA
expires: Fri, 22 Apr 2022 16:19:12 GMT

GET
H3-Q050 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 37ms
37ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/zV1kIZd6FW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13321
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H3-Q050 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
60 KB 52ms
48ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

:path: /js/mdb.min.js?v=2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/zV1kIZd6FW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:15:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 60877
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H3-29 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
16 KB 16ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3523921
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15668
cf-request-id: 09cf7981a100004a5cd08d1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CbvLjQJmYUqSEIGtcvkc%2Fe9vt5zZtYIE84vyGrD6RV%2BEbnSrrfvrEiw%2BEiY5GkdPr9Xvk4k0aIEN%2B%2FWjutSzm8nLK%2FH55eH4uBxLA9DKxQYfPHXRI0lfbxH4uOonxrXUPQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 649291e29dcf4a5c-FRA
expires: Fri, 22 Apr 2022 16:19:12 GMT

GET
H3-Q050 200 ads.js Show response
paste.co.id/js/ 22 B
68 B 72ms
68ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/ads.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/zV1kIZd6FW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
last-modified: Sat, 14 Mar 2020 00:25:06 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H3-Q050 200 app.min.js Show response
paste.co.id/js/ 1 KB
688 B 72ms
68ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/app.min.js?v=1.5
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

:path: /js/app.min.js?v=1.5
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/zV1kIZd6FW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
last-modified: Sat, 14 Mar 2020 00:34:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 639
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H3-Q050 200 prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
115 KB 73ms
69ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

:path: /plugins/prismjs/prism.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/zV1kIZd6FW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
last-modified: Sat, 24 Nov 2018 17:17:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 117930
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 32ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c718830a02116b19aeb65a9e8338c48c77f45968b75dabe71048cd0e606b6259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35852
x-xss-protection: 0
last-modified: Sun, 02 May 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 May 2021 16:19:12 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 56 KB
19 KB 42ms
17ms Script
application/javascript 2606:4700:20::ac43:4b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 237b757471e0eda4c69dd3b31f44fc91f1b5ce56054617260250ec763ad89cd6

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
timing-allow-origin: *
age: 68025
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 09cf7981b900004e087890d000000001
x-trace-id: eba7c063fc0641b0018929d9efb7260b
pragma: no-cache
last-modified: Fri, 30 Apr 2021 13:05:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pslPwSMIP%2BQj0mgtDC4ny39ciik7bUZc8UWsCrFhG4hsKSSZlxHAzm119CKvnR3i%2B8x3ErDJ0kf3KjPDAWjOECwqVkPwyZl6yCFQeWYNUK52gaHvhHJ15ebA"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 649291e2cfa94e08-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Sun, 02 May 2021 21:25:27 GMT

GET
H3-Q050 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 69ms
67ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
:path: /font/roboto/Roboto-Light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 49380
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 29ms
18ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://paste.co.id
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617
age: 609001
cdn-cachedat: 2021-04-25 14:59:11
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 09cf7981ae0000dfd31aad6000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ad23ed6858a4b4a150ba80a4f4e1ddc8
accept-ranges: bytes
cf-ray: 649291e2a9e3dfd3-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-Q050 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 68ms
67ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
:path: /font/roboto/Roboto-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 49236
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H3-Q050 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 62ms
61ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IlVqaE1Mc1BQTFd5OGtoRmxkS2h1NlE9PSIsInZhbHVlIjoibHE5RHRDZmNsZ3BTam00dzZPYVRKcnF2ejFCTXBxUFlSUWczVzZWT1FoMmdSbmtnWlRxWWlKYkVxMTk5ZmJDbSIsIm1hYyI6IjIxMmQyYWY2ZGVhNjQ5ZTczMDJjOTBlZGZjMDE0ZjZkZDY4YmI5MzNkMWMwMzJkMzBiZWY5YzA3MDUzZTdmNjUifQ%3D%3D; pasteshr_session=eyJpdiI6IlZMNVRaTzFNb1BLXC8yenVRNzhYWHlRPT0iLCJ2YWx1ZSI6IjlPakpmUXllVzZhRkV6eHZWZTJtNG9FMmgzekpXb0lUdHlRUnYyMitsNnVPQ2JFQTNaTE9jR0VOT3l3R2xKcngiLCJtYWMiOiIwMWNkODdjMzJiYmFhMjkyMjJiZjViN2Y1OWY0Y2UyOGQ3NTcwYWI2ZDNhNDgwMDM0YTc4OGRmNThmNGM3M2RhIn0%3D
:path: /font/roboto/Roboto-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 49976
expires: Sun, 09 May 2021 16:19:12 GMT

GET
H2 200 / Show response
bedrapiona.com/5/3724584/ 3 KB
2 KB 165ms
96ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3724584/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ab96466cc0eed815ad3b3940fe7c9d64859162a835001798ccb5b14c8fa97f8e

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: bc9400e9d594f39cc87d48efe72b1026
pragma: no-cache, no-cache
date: Sun, 02 May 2021 16:19:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://paste.co.id
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ 223 KB
82 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4712388827405335&plah=paste.co.id&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84347
x-xss-protection: 0
server: cafe
etag: 8033165652557143678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 02 May 2021 16:19:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/ Frame A15E 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210428/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 02 May 2021 01:20:46 GMT
expires: Sun, 16 May 2021 01:20:46 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 53906
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 May 2021 16:07:42 GMT
server: ESF
date: Sun, 02 May 2021 16:19:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 May 2021 16:19:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
642 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 May 2021 16:13:42 GMT
server: ESF
date: Sun, 02 May 2021 16:19:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 May 2021 16:19:12 GMT

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 27ms
26ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 4943
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 09cf7982c2000032c5282e1000000001
cf-ray: 649291e46c9732c5-CDG
expires: Mon, 03 May 2021 16:19:12 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
812 B 28ms
27ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 4943
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1D76EA8A206ECCA7
x-amz-id-2: lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 09cf7982c1000032c5a03e4000000001
cf-ray: 649291e46c9632c5-CDG
expires: Mon, 03 May 2021 16:19:12 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK zone Show response
seeptoag.net/ 716 B
1 KB 33ms
32ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0dc6aef7c3dc6c0d650db4782562b66a26ef4c9a0a9c7f80ba0117e1cbce20ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: 1b56fe5854f89e7847f2689856c9ea0f
Date: Sun, 02 May 2021 16:19:08 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 716

GET
H/1.1 200
OK universal.min.js Show response
seeptoag.net/pfe/current/ 107 KB
38 KB 141ms
53ms Fetch
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/universal.min.js?v=3.1.291
Requested by: Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 May 2021 16:19:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-1ab55"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:13:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 194744
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:13:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 12:08:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 187831
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Sat, 30 Apr 2022 12:08:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 500632
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 26 Apr 2022 21:15:20 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
307 B 78ms
76ms Script
text/plain 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=161997235290257203555&uniqId=07d32&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&lu=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&pageView=1&site=414527&pvid=1792de06b879d352581&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291e5bfa832c5-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf798390000032c595a99000000001

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 484115
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 27 Apr 2022 01:50:37 GMT

GET
H2 200 3724582 Show response
inpagepush.com/400/ 82 KB
29 KB 40ms
39ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3724582

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

846bc7f337382bd3a247081330309cf752863530de9e50e052ecbfbc4e94cb88

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 8d6c6dd3fdf1f22d6450adbd0e369d9f
pragma: no-cache
date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK tag.min.js Show response
pseepsie.com/pfe/current/ 14 KB
6 KB 100ms
32ms Script
application/javascript 139.45.196.136
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.136 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7c45c9bf3189b8c7a74c01957bd346d229e623aaa4cc215560499e83887b2d10

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 May 2021 16:19:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:58 GMT
Server: nginx
ETag: W/"6086a8aa-380a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 1 Show response
toglooman.com/ 7 KB
4 KB 107ms
35ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=3724583
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2c2d57216a359c0920452ad7672378b025c79ba102e6edd9f3616232c63210b0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: gzip
x-sc: J3UEk_vzg7p-yX0M4RgNHjCHXlX9Wl8GnwywtuSkiIxbtHLvXN2-7bb4Z59UgMEyIh2K0fd2NGlkNn3IhL_GITqm31s=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 3F7F 203 B
811 B 101ms
32ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=6f5dd06c00e6478a950302e9f169f910&oaidts=1619972352

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

cb3bf642ca0b9894a1bf34fc3b5bbaaa29d66736e8e954a044d0efae153064ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=6f5dd06c00e6478a950302e9f169f910&oaidts=1619972352
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

server: nginx
date: Sun, 02 May 2021 16:19:12 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: c228b5b40985819575adf6fcdd713234
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=6f5dd06c00e6478a950302e9f169f910; expires=Mon, 02 May 2022 16:19:13 GMT; path=/; secure; SameSite=None oaidts=1619972352; expires=Mon, 02 May 2022 16:19:13 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H3-29 200 / Show response
c.mgid.com/pv/ 0
504 B 155ms
129ms Script
text/plain 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?w=844&h=249&cols=2&pv=5&cbuster=161997235303162328111&uniqId=08b2d&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&lu=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&pageView=0&site=414527&pvid=1792de06c07a86240b6&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291e6a9f9bd72-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf79842a0000bd72d2052000000001

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 88ms
86ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?pv=5&cbuster=1619972353111869296013&uniqId=07d32&niet=4g&nisd=false&w=840&h=233&p3_w=201&p3_h=189&maxw_3=201&maxh_3=189&cols=4&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&lu=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&pageView=1&pvid=1792de06c57adabf7f7&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577e621432e58b2045d157f4e4cd7892763daa7271b98ff95647c5331d260de7

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291e70ace32c5-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf798464000032c537874000000001

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 92ms
91ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=233&p3_w=201&p3_h=189&maxw_3=201&maxh_3=189&cols=4&pv=5&cbuster=1619972353116598077359&uniqId=0b828&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&lu=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&pageView=0&pvid=1792de06c5c80581e33&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de0098b453750bb7beaedbd260a54dcee38b3e077869350ec9378a7102dd652d

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291e70ad032c5-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf798464000032c581039000000001

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
640 B 126ms
61ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=paste.co.id&callback=_gfp_s_&client=ca-pub-4712388827405335

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4712388827405335&plah=paste.co.id&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

b8c0fab01b7993a3f88a8a2c25db50f8457c41860dd36e3c7969302dcaf0bd8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 37ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 36ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F9F 3 KB
833 B 80ms
79ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1619972353&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972352576&bpp=14&bdt=397&idt=575&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2569118628412&frm=20&pv=2&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=602

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2b6540fc10171c39f905869a1551d7685c585c791de358235a1431cae75632a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1619972353&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972352576&bpp=14&bdt=397&idt=575&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2569118628412&frm=20&pv=2&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=602
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 02 May 2021 16:19:13 GMT
server: cafe
content-length: 630
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-May-2021 16:34:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 May 2021 16:19:13 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619782026698183"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27954
x-xss-protection: 0
expires: Sun, 02 May 2021 16:19:13 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 104ms
39ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

585551bc7b5fa153d86f9c27f754f1d06292bf9393dce87d3862bee66ce41181

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 80ms
79ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=255&h=430&p3_w=90&p3_h=183&maxw_3=90&maxh_3=183&cols=2&pv=5&cbuster=1619972353200593282929&uniqId=10699&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&lu=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&pageView=0&pvid=1792de06cb098df8b0a&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfca681ab67c23df82e652f1e5959f8e519385f8fba0266eb6f504389770ee4c

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291e78c3e32c5-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf7984b8000032c581040000000001

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
4 KB 15ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3524780
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2905
cf-request-id: 09cf79863c0000c29007195000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GxrwxMyTjQiANHf4MBR8CrTAuMgvyw8sbEOgCopKHxZMiTUpCFIQrwhCyobKb%2BWCrEFQT7HIV6sxQMHTiAmpgox%2BTYFJs%2BX%2BczMTkSLUDZDQXmBNwd6mDlRDs%2BT3QIV12g%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 649291e9f878c290-FRA
expires: Fri, 22 Apr 2022 16:19:13 GMT

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 143ms
39ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=&oaid=5e2c94edfde74edeb931209636527d3e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 02 May 2021 16:19:13 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 3509488 Show response
inpagepush.com/500/ 4 KB
3 KB 145ms
142ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a27d4fc52ed53701780f86f13dbfe1f484494b71f4209e624642ea785ed1487d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 109584d63aad1a0d5c61ec14d502d5f0
pragma: no-cache
date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

POST
H2 200 get-paste Show response
paste.co.id/ 8 KB
3 KB 682ms
682ms XHR
application/json 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/get-paste
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed / PHP/7.3.24
Resource Hash: 2ab478e9edb837aa679a4ed9a14eb909410ae11c6a88aa5336d1dc12b4addf39

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22Mh1GLvqa1%22%7D%2C%22C914924%22%3A%7B%22page%22%3A1%7D%2C%22C997452%22%3A%7B%22page%22%3A1%7D%7D; __PPU_BACKCLCK_3724584=true
content-length: 63
:path: /get-paste
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/zV1kIZd6FW
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://paste.co.id/zV1kIZd6FW
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 02 May 2021 16:19:14 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.24
vary: Accept-Encoding
content-type: application/json
x-ratelimit-remaining: 58
cache-control: no-cache, private
x-ratelimit-limit: 60
set-cookie: XSRF-TOKEN=eyJpdiI6Inc3dXluUUl0clBkQ29lSlRvdjdaTEE9PSIsInZhbHVlIjoiT0c4eHViK2xpXC8wS1JySXd2RTg1S3hIbnJVdzhaQjRFbzdJYnRsb2Q0Y0RBRWJpeFUzcVo1MmtlTDhka1Nzd0siLCJtYWMiOiJkYTkwNDAzZmVjYjE3MTQwNjYxM2YxOTU1NmFlZTEwMzM2ZTY4NGExNmI0ODk2Y2ZjNTU3MzFmMTI5NmZiYjcxIn0%3D; expires=Sun, 02-May-2021 18:19:14 GMT; Max-Age=7200; path=/; secure pasteshr_session=eyJpdiI6IkdzSk9rMkRrNGNLMkpJaDh4WU1aNlE9PSIsInZhbHVlIjoibTk0cFpVRGptZHdoVVwvM0dkTmJHVUE3TkhBMUp1dm1ueFpEMHB3UWEwb2Njb3JueUpWSmxqU2RTdUNPSk5vcVciLCJtYWMiOiIzYTk0Zjk1ZTg0ODQwODVjOGJkZGQyNDFiOTk5ZTg2ZjcyNWY2NzY5Yjk4NjczZjUwYTc1NmUxOGRjNzE0YTI2In0%3D; expires=Sun, 02-May-2021 18:19:14 GMT; Max-Age=7200; path=/; httponly; secure
content-length: 2507

GET
H/1.1 200
OK zone Show response
pseepsie.com/ 685 B
1 KB 35ms
34ms Fetch
application/json 139.45.196.136
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/zone?pub=0&zone_id=4022315&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.136 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bc302d3edfd14d6811c7dfe618531da49f9b67bb6c997ee88c993e9ca06529c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: 30626dc592e512293d42820459aa5a31
Date: Sun, 02 May 2021 16:19:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 685

GET
H/1.1 200
OK universal.min.js Show response
pseepsie.com/pfe/current/ 107 KB
38 KB 127ms
52ms Fetch
application/javascript 139.45.196.136
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/universal.min.js?v=3.1.291
Requested by: Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.136 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 May 2021 16:19:13 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:58 GMT
Server: nginx
ETag: W/"6086a8aa-1ab55"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 133c8b2bfade2c96683819a208a36ab3 Show response
toglooman.com/27/ 361 KB
119 KB 41ms
41ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/133c8b2bfade2c96683819a208a36ab3

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=3724583

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d32e38a74e431b76f4fe7fef3483ebe3aa2db680ee34b5c4ac48034fcdfcd451

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 30 Apr 2021 07:24:52 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Fri, 30 May 2081 07:24:52 GMT

GET
H2 200 38 Show response
toglooman.com/42/ 0
495 B 81ms
80ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=3724583
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=3724583
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:12 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2713931e789c433f2ddd4f75f835064fb7ffcf477205ad25fced0f10c04a6c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35864
x-xss-protection: 0
last-modified: Sun, 02 May 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 May 2021 16:19:13 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
1 KB 84ms
76ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1619972353707780685940
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c74a8778f0a6a69b0af79a40e697d5657171d91181d614670da64aaa78ba0fd9

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 71680329-dfa9-4a2e-8fbd-e1e03ec02a0d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291eacc6b32c5-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf7986bc000032c534067000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame E820 19 B
377 B 92ms
88ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1619972353712153807524
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8e5e972e-936e-4544-9884-460768557798
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291eacc6532c5-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf7986bc000032c55d396000000001
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 773ms
255ms Script
application/javascript 99.86.149.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.149.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:08:21 GMT
via: 1.1 4e16085986bd3a978979f670daedf235.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 653
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ICN51-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: sD6NgiYtXfjlL-GkhdFsokpEWlz2G7QFXJ15O0YZtmIQ6QFvc9QVfg==

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp
s-img.mgid.com/g/8164901/492x328/0x65x849x566/ 14 KB
14 KB 34ms
32ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164901/492x328/0x65x849x566/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0LzMwZTFkZDE0NjhhNDUxMjZkNWQzM2RhNjYxODI5ZTRhLmpwZWc.webp?v=1619972353-4hTy8iWCA52Uiryh3FF6NfjRziZlKb8EEJ9m80GVbio
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf10a3f6fdcb1babbab751e304b4cffca3ccbc67ec9090fe0a529e07211a1b08

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 1e14d4d3-3262-46eb-936e-9b89d498d47e
age: 818637
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14222
cf-request-id: 09cf7986bc000032c529ab8000000001
last-modified: Mon, 08 Feb 2021 10:20:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eacc6e32c5-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp
s-img.mgid.com/g/8164899/492x328/0x39x564x376/ 29 KB
29 KB 32ms
30ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164899/492x328/0x39x564x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDEvMTAxOTI0Lzc4NzAwMjJjM2IzMDY0YTBhMzdhZDAzNTVlNzEyMzcwLmpwZw.webp?v=1619972353-RHZAdy9pwiPvrG7hnr3_2nr-b6K-vOl4gK6gV4zhqJg
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f4e744bf2d5c62fdf46c942adb8eaeba1cb799c8cbd08c8b3406e3cdf2bb6c

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: e520729f-84d5-4daf-9dda-2a6292c1d5c9
age: 818644
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29856
cf-request-id: 09cf7986bd000032c585b8c000000001
last-modified: Mon, 08 Feb 2021 10:20:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eacc7032c5-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp
s-img.mgid.com/g/8164919/492x328/0x89x598x398/ 26 KB
27 KB 35ms
33ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164919/492x328/0x89x598x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMDYvMTAxOTI0LzE5YjgxMGNjNjc1ZWFmN2NlYzU3MDk0Zjc2MDRkYjVhLmpwZWc_dD0xNTA5OTc5NzM4NTg1.webp?v=1619972353-roHPGnrvUiFVHEt0mWU_012j4tfgZqQwoIBDNP7f7wI
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd11bcd9d35d4460505907fd1f0f94f30a41a57dbd61226217581b050ef3bc2

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 38576263-13f8-4c39-ba36-f6ae51ac1176
age: 818574
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26994
cf-request-id: 09cf7986bd000032c51ab20000000001
last-modified: Mon, 08 Feb 2021 10:20:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eacc7232c5-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.mgid.com/g/8164865/492x328/0x0x900x600/ 21 KB
22 KB 28ms
26ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1619972353-qOrsk3Y7fnhHGifZGe8by56Wp2IgEQ1ckEgZYMVZQHM
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbe28a1b807c1e7e6c98e4c5900817dc26fe9ee04cd549d97c9cdb057003ab78

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 6076d8da-21b5-43f5-a52c-bfcdaa40ce58
age: 818628
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21892
cf-request-id: 09cf7986bc000032c550905000000001
last-modified: Mon, 08 Feb 2021 10:20:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eacc6d32c5-CDG

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81ZmJjMTMyYmJjMWZkMGIxM...
s-img.mgid.com/g/8193517/492x328/-/ 22 KB
23 KB 37ms
36ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193517/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81ZmJjMTMyYmJjMWZkMGIxMWFhNGRiZDdlMjAwZGQ0Ny5qcGc.webp?v=1619972353-2NwUxX2PY5Z8Togf28Qvddc_y1mheH1UZXFVUBJOEPQ
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f54cfc3ffc7283b374cf04246ea62c1f5067f10843a962fcc5ed4462b324868e

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 401616d2-dbc7-41c0-ab31-1b84130d732e
age: 818618
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22928
cf-request-id: 09cf7986cd000032c56e09a000000001
last-modified: Wed, 10 Feb 2021 07:15:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eaeca032c5-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDUtMTIvMTAxOTI0L2U0N2RhZTAzYzdhYzkxOWFiODQyYjZiNmRlY2MxYjk5LmpwZz90PTE1MjYxMTA2NDk5NTQ.webp
s-img.mgid.com/g/8193488/492x328/37x48x1439x959/ 26 KB
26 KB 41ms
40ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193488/492x328/37x48x1439x959/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDUtMTIvMTAxOTI0L2U0N2RhZTAzYzdhYzkxOWFiODQyYjZiNmRlY2MxYjk5LmpwZz90PTE1MjYxMTA2NDk5NTQ.webp?v=1619972353-YKOmfsHXlqlxEMNrYjqFU9GNdr7j2rAdro3SS-bmxrs
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a189243fe4d6bd3413c8c476d1a9b039763ff0e759bc42df5c4bbc6ddeaf794f

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 7ac6737b-54d2-4b0a-96eb-a2497f63e30c
age: 818488
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26500
cf-request-id: 09cf7986cd000032c545867000000001
last-modified: Wed, 10 Feb 2021 07:16:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eaeca532c5-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZWFzZXIvMjAxOS0wMS0yNi8xMDE5MjQvMWI0YmM0YzEwYjgwZTIwYzIxYzhiZGZiMGNiNjI4ZjYucG5nP3Q9MTU0ODU3NTgwNTcxNA.webp
s-img.mgid.com/g/8164834/492x328/0x50x590x393/ 15 KB
15 KB 30ms
29ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164834/492x328/0x50x590x393/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZWFzZXIvMjAxOS0wMS0yNi8xMDE5MjQvMWI0YmM0YzEwYjgwZTIwYzIxYzhiZGZiMGNiNjI4ZjYucG5nP3Q9MTU0ODU3NTgwNTcxNA.webp?v=1619972353-sZeR5r2hoXvi0eL9TnwuazMJfLupD7NzbMnIEmS9Htg
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad5edcd61d0751f2d4fd182899be940061137c0adb7af1a50bd8e176813bbca

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 67845976-0d1f-4695-a05a-c250735bb799
age: 818651
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15008
cf-request-id: 09cf7986ce000032c585b8e000000001
last-modified: Mon, 08 Feb 2021 10:20:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eaeca832c5-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/492x328/0x0x492x328/ 12 KB
12 KB 27ms
26ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164883/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1619972353-I_1j1BAk-6045GfMIgnjWp0GnzUzsi-kVpojogFbw4U
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c3f71afbeeed7e2dd4c4f436a8f1b75b8cc09a9849ef2f842016500d0f4788

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: ab9d2337-6626-42b7-be64-e3ed050f3c88
age: 818634
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12392
cf-request-id: 09cf7986cd000032c53523a000000001
last-modified: Mon, 08 Feb 2021 10:20:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eaeca632c5-CDG

GET
H2 200 img.gif
my.rtmark.net/ Frame 3F7F 43 B
490 B 36ms
36ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=6f5dd06c00e6478a950302e9f169f910

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=6f5dd06c00e6478a950302e9f169f910&oaidts=1619972352

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:09 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.mgid.com/g/8193504/492x328/88x0x631x420/ 15 KB
15 KB 64ms
63ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193504/492x328/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1619972353-soV-VhPJ5zy28hfrvSjRcl_jmxS-jBrU7it92iJG1Jo
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 714e4b742a1ddc3565cfb472ac59b37a1bc03dd471e5d51a13647bfced2dbf5c

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 3c69c87d-97b3-43f7-b07e-71672e177227
age: 457207
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15046
cf-request-id: 09cf7986dd0000bd72e2228000000001
last-modified: Wed, 10 Feb 2021 07:15:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eafd19bd72-CDG

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp
s-img.mgid.com/g/8193521/492x328/0x168x565x376/ 12 KB
13 KB 65ms
64ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193521/492x328/0x168x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp?v=1619972353-INE5kxk3lbfutokO5Zp6w80EVtLE6Aprjrtl1MVRLpQ
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e18e7cd260a222b1afd64c7b0be9a9b0c7e43110cfeffcc98d23cb6b17a85b08

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 3dba0a04-aa8e-428d-9c0e-f56e9e76938c
age: 818621
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12378
cf-request-id: 09cf7986db0000bd72f2b92000000001
last-modified: Wed, 10 Feb 2021 07:15:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eafd1bbd72-CDG

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x328/0x0x1081x720/ 12 KB
13 KB 41ms
40ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164912/492x328/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1619972353-yT8SLF52wzYNGcJNOCBdF33m_8XSC7FCQy_mKJj05VU
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9890b523125c63685ab6e157e022072740363afb75a023b694cec0b986a25481

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: c5657645-24b3-4e9f-bbc3-40c35370906f
age: 818638
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12790
cf-request-id: 09cf7986db0000bd72d2925000000001
last-modified: Mon, 08 Feb 2021 10:20:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eafd1cbd72-CDG

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMTAxOTI0Lzk3ZTE3YTgzZTZhZDUwMjI2ZGVlYTYwMTg5NThiMDUzLmpwZWc.webp
s-img.mgid.com/g/8164871/492x328/133x133x1048x698/ 17 KB
17 KB 87ms
86ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164871/492x328/133x133x1048x698/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMTAxOTI0Lzk3ZTE3YTgzZTZhZDUwMjI2ZGVlYTYwMTg5NThiMDUzLmpwZWc.webp?v=1619972353-RVbY2OwJYG5qU1H91FSlAyc9pLYhEs9OTy1hO6DPw8M
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71922c96becf2a3bc84072ece4f9a39f15b587d9102739d799373fcff9909fe9

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 0318adf2-6725-4e0b-97ad-579bf5999e9b
age: 818595
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17350
cf-request-id: 09cf7986dc0000bd72c92fd000000001
last-modified: Mon, 08 Feb 2021 10:20:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 649291eafd1dbd72-CDG

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 16:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 84E7 405 B
372 B 88ms
88ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1619972353&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972353852&bpp=5&bdt=1673&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2569118628412&frm=20&pv=1&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=b77K1O5yBW&p=https%3A//paste.co.id&dtd=24

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05456c1d20ceca65f7c4e3e88940e386f4b2b8b90f36a198e2b9168d01a519ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1619972353&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972353852&bpp=5&bdt=1673&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2569118628412&frm=20&pv=1&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=b77K1O5yBW&p=https%3A//paste.co.id&dtd=24
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 02 May 2021 16:19:13 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-May-2021 16:34:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 May 2021 16:19:13 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA2B 405 B
372 B 96ms
96ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1619972353&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972353852&bpp=2&bdt=1673&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=2569118628412&frm=20&pv=1&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=sAbeCgBStt&p=https%3A//paste.co.id&dtd=32

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc04af471245cade1ce31e02d776053ce83e360750a7cb59bbbecc5371eee4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1619972353&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972353852&bpp=2&bdt=1673&idt=-M&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=2569118628412&frm=20&pv=1&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1777&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=sAbeCgBStt&p=https%3A//paste.co.id&dtd=32
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 02 May 2021 16:19:13 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-May-2021 16:34:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 May 2021 16:19:13 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 224A 405 B
375 B 77ms
77ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619972353&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972353852&bpp=1&bdt=1673&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=2569118628412&frm=20&pv=1&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lYeoe5GCAd&p=https%3A//paste.co.id&dtd=36

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42df38af75cdf94ea2b06ee79333679f1fd50c1a4a6c87266a0db434bfc43bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619972353&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619972353852&bpp=1&bdt=1673&idt=1&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=2569118628412&frm=20&pv=1&ga_vid=1878121015.1619972353&ga_sid=1619972353&ga_hid=2052978829&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2361&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060957%2C21065725&oid=3&pvsid=1586645955250515&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=lYeoe5GCAd&p=https%3A//paste.co.id&dtd=36
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 02 May 2021 16:19:13 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-May-2021 16:34:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 May 2021 16:19:13 GMT
cache-control: private

POST
H2 200 options Show response
onmarshtompor.com/ 0
446 B 34ms
33ms XHR
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/options?option_args=CKiq4wESIDZmNWRkMDZjMDBlNjQ3OGE5NTAzMDJlOWYxNjlmOTEwGjFodHRwOi8vYmVkcmFwaW9uYS5jb20vYXB1LnBocD96b25laWQ9MzcyNDU4NCZvbz0xIhRodHRwczovL3Bhc3RlLmNvLmlkLzIkMzE4NGJhZGMtNzhiZi00ZTVhLWJkOTEtMzc1YWEzYWVkNzli

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

x-trace-id: 9680077f65fc8f08e7311f371a05aa3c
pragma: no-cache
date: Sun, 02 May 2021 16:19:13 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf8
access-control-allow-origin: https://paste.co.id
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 0
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 204 options
onmarshtompor.com/ Frame 0
0 101ms
33ms Preflight 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 02 May 2021 16:19:13 GMT
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H/1.1 200
OK 0909225031573.png
static.cdnativepush.com/contents/s/cc/cc/0c/1a8aa84aff37b8d69d64e925e1/ 13 KB
14 KB 136ms
34ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/cc/cc/0c/1a8aa84aff37b8d69d64e925e1/0909225031573.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3545d968cbf164ef0f74d652493fc35b76666eee49b1e80f0a857e14dedd5de4

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 16:19:14 GMT
Last-Modified: Fri, 05 Feb 2021 09:24:19 GMT
Server: nginx
ETag: "601d0ec3-35b9"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 13753

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2958
date: Sun, 02 May 2021 15:29:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 02 May 2021 17:29:55 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
33 KB 22ms
22ms Script
application/javascript 2606:4700:20::ac43:4b21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/133c8b2bfade2c96683819a208a36ab3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 4800
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bg9cLs225HorBUu9DipiylWKzttCrXnwCHTg80A1Nea8By%2FqmBGf5oY1rFGBRVI%2BNwHa4mJfnlCvgJmYPwTc5X%2B5cKE%2FgUrczDEYZPUoK0Rw1uVggY35FWewD6tw6gWC"}]}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 649291ecfe2a0610-FRA
cf-request-id: 09cf79881700000610408cc000000001

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 104ms
39ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=9&sah=1200&drf=&hil=2&ist=0
Protocol: H2
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 02 May 2021 16:19:14 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://paste.co.id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 9 Show response
toglooman.com/ 0
646 B 33ms
32ms XHR
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=9&sah=1200&drf=&hil=2&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/133c8b2bfade2c96683819a208a36ab3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:13 GMT
x-sc: 5pjBvO_0EuwxfQm6vFc9Z2e2gOn37RRZ9XdUX51Moapr2_zW8vrIOPqQyuzOOqr2JtKNyNcyH9TlRdFirrVqvkfFa-Y=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 92E9
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

103ms
32ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1619972353707780685940
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 02 May 2021 16:19:14 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sun, 02 May 2021 16:19:14 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
623 B 136ms
86ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l42cB5qtvAj9
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 649291ed6ec9edcf-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf7988620000edcf1db65000000001

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDQyY0I1cXR2QWo5&muidn=l42cB5qtvAj9
https://cm.mgid.com/google?muidn=l42cB5qtvAj9&google_ula={guid},5&google_gid=CAESEMRwNdhDofS6GA0E9-OgB9w&google_cver=1

0
570 B

88ms
83ms

Image
text/plain

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l42cB5qtvAj9&google_ula={guid},5&google_gid=CAESEMRwNdhDofS6GA0E9-OgB9w&google_cver=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291ee0f80bd72-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf7988c80000bd72ca86b000000001

Redirect headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l42cB5qtvAj9&google_ula={guid},5&google_gid=CAESEMRwNdhDofS6GA0E9-OgB9w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1011
jadserve.postrelease.com/suid/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l42cB5qtvAj9
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l42cB5qtvAj9
https://jadserve.postrelease.com/suid/1011?vk=1660c54d-06c9-4eb7-ba1e-398ef1da0eb6

43 B
427 B

497ms
161ms

Image
image/gif

54.67.80.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1011?vk=1660c54d-06c9-4eb7-ba1e-398ef1da0eb6
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.67.80.248 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-67-80-248.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

location: //jadserve.postrelease.com/suid/1011?vk=1660c54d-06c9-4eb7-ba1e-398ef1da0eb6
date: Sun, 02 May 2021 16:19:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
555 B 165ms
100ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l42cB5qtvAj9
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 649291ed88c4b76f-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 09cf7988740000b76f5ba69000000001

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=1388e825-f4fb-4bbe-a73b-3c13fe0fe60d

43 B
660 B

92ms
91ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=1388e825-f4fb-4bbe-a73b-3c13fe0fe60d
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5f66aff1-6837-4120-8e84-a91bb227f057
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291f1da2dbd72-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf798b290000bd72d2962000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=1388e825-f4fb-4bbe-a73b-3c13fe0fe60d
date: Sun, 02 May 2021 16:19:14 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=cc645e08-df38-46f4-a443-e26b86410ec8&ssp=mgid&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=1660c54d-06c9-4eb7-ba1e-398ef1da0eb6&gdpr=&gdpr_consent=&us_privacy=

43 B
644 B

84ms
82ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=1660c54d-06c9-4eb7-ba1e-398ef1da0eb6&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 71aa22fb-5e96-4644-8704-4e156f822acb
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291f10959bd72-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf798aaa0000bd72da3b5000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=1660c54d-06c9-4eb7-ba1e-398ef1da0eb6&gdpr=&gdpr_consent=&us_privacy=
date: Sun, 02 May 2021 16:19:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=ca01a8eb-ec15-46c3-b9fe-fc73dc3b7a9b&ttl=1622564354

43 B
628 B

118ms
117ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=ca01a8eb-ec15-46c3-b9fe-fc73dc3b7a9b&ttl=1622564354
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5bf3f5c6-d8f1-4656-88ab-c1da70734500
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291ee9fd2bd72-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf7989240000bd72f2bba000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=ca01a8eb-ec15-46c3-b9fe-fc73dc3b7a9b&ttl=1622564354
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=og6APARDPUWuKk7O0ZGx&pi=mgid&tc=1

43 B
707 B

103ms
102ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=og6APARDPUWuKk7O0ZGx&pi=mgid&tc=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5944e072-fe11-4e7c-9e7a-c5d9a2f73493
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291ee5fa3bd72-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf7988f30000bd72d8300000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=og6APARDPUWuKk7O0ZGx&pi=mgid&tc=1
pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT, Sun, 02 May 2021 16:19:14 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2052978829&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&ul=en-us&de=UTF-8&dt=Untitled%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=740459198&gjid=1603489911&cid=1878121015.1619972353&tid=UA-137362802-1&_gid=1147465148.1619972354&_r=1&gtm=2ou4l3&z=1789585094

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 22ms
22ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2052978829&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&ul=en-us&de=UTF-8&dt=Untitled%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=61905608&gjid=1679322245&cid=1878121015.1619972353&tid=UA-174907544-1&_gid=1147465148.1619972354&_r=1&gtm=2ou4l3&z=1219398710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 15ms
13ms Image
image/png 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Sun, 02 May 2021 16:19:14 GMT

GET
H3-29 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 34ms
29ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Sun, 02 May 2021 16:19:14 GMT

GET
H3-29 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 26ms
21ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Sun, 02 May 2021 16:19:14 GMT

GET
H3-29 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 25ms
21ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Sun, 02 May 2021 16:19:14 GMT

GET
H3-29 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 38ms
34ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Sun, 02 May 2021 16:19:14 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-137362802-1&cid=1878121015.1619972353&jid=740459198&gjid=1603489911&_gid=1147465148.1619972354&_u=YAhAAUAAAAAAAC~&z=1162098029

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 02 May 2021 16:19:14 GMT
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-137362802-1&cid=1878121015.1619972353&jid=740459198&_u=YAhAAUAAAAAAAC~&z=621230463

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-137362802-1&cid=1878121015.1619972353&jid=740459198&_u=YAhAAUAAAAAAAC~&z=621230463

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 31ms
31ms Preflight
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 02 May 2021 16:19:09 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 35ms
35ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: d2a5ea25b39df5fc65b890e6c5bf6b3b
Date: Sun, 02 May 2021 16:19:09 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 152ms
148ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=4b5d56bc9fba471ba2cd7741ee3496b5&zoneId=3534037&checkDuplicate=true&ymid=&var=

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

50bc7badf9f942668616ae8debe7ba69dac91ec7705ca0be11a04bf6fd0bfb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 92E9 30 KB
9 KB 33ms
32ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 16:19:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=11537
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9235
Expires: Sun, 02 May 2021 19:31:31 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 92E9 284 B
536 B 129ms
30ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1619972354682&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619972354682&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&c9=

64 B
330 B

704ms
699ms

Image
image/gif

99.86.149.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619972354682&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&c9=
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.149.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:15 GMT
via: 1.1 4e16085986bd3a978979f670daedf235.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: t4u2dqEU8fpmRh8XDPW0fzFuPfqZI5SxM0xdazpK_eziOFOslGwnLA==

Redirect headers

date: Sun, 02 May 2021 16:19:14 GMT
via: 1.1 4e16085986bd3a978979f670daedf235.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619972354682&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&c9=
content-length: 195
x-amz-cf-id: qr-bEOtWL9_RdikAyxPKm3X-ixHhT5DTRC0LiOaiKyUQbZD8pcyqjQ==

GET
H/1.1 200
OK defaultSkin.min.js Show response
seeptoag.net/pfe/current/ 56 KB
19 KB 40ms
39ms Fetch
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 May 2021 16:19:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-df63"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame FEB7 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 37ms
36ms Preflight
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 02 May 2021 16:19:10 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 33ms
32ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: c0b956d209075b59d0a13ba0648f52bb
Date: Sun, 02 May 2021 16:19:10 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 c
c.mgid.com/ 43 B
290 B 84ms
82ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=202|219|8|PXXscu1vxIeKyCahUybb7-UjhAmL1ifEPjOJdKd_YtDIulDzxjpwg8ykK7UOQ86A&fw=1&extjs=66044&v=202|219|8|PXXscu1vxIeKyCahUybb73JNW9ayGy7zZEokCdeDL0Tx1Bya8pHBEz1Un6yBD-8Z&v=202|219|40|PXXscu1vxIeKyCahUybb7wQ9fZIFg9REfvObwWDHT1xmvRvMfJeS9ZCs0wmnPbrO&v=202|219|8|PXXscu1vxIeKyCahUybb76XAGHBVcQTuX5R66IT4p5TPDdAKV3qFrfqnzkbj5B-f&cid=997452&h2=osGc9IG8QbaWdv591HpRpcB5_07rwZ0vLxcYTalSpKk*&rid=22111732-ab62-11eb-90c5-d094662c24f7&tt=Direct&iv=11&pageImp=1&cbuster=1619972354957379318142&tpl=0
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:15 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 2fb77f1e-d142-4c22-80d5-f608e524fb60
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291f28ffe32c5-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf798b97000032c5340ce000000001
server: cloudflare

GET
H3-29 200 c
c.mgid.com/ 43 B
557 B 178ms
174ms Image
image/gif 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=90|196|24|PXXscu1vxIeKyCahUybb73l9U37eMe__mkQeim3tIcvH-YOaA53hJ3rBIZxfY2Ef&fw=1&extjs=66044&v=90|196|24|PXXscu1vxIeKyCahUybb73MHpExjR_FzdvwH9ZcMSYArclt_HUbPyQpG-7iryH4E&cid=997452&h2=osGc9IG8QbaWdv591HpRpcB5_07rwZ0vLxcYTalSpKk*&rid=221cbaac-ab62-11eb-91aa-d094662c1c35&tt=Direct&iv=11&pageImp=0&cbuster=161997235520674841079&tpl=0
Requested by: Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:15 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 967172dd-07fa-4c38-879f-3d3b065e8f80
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 649291f42be2bd72-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09cf798c950000bd72b42ea000000001
server: cloudflare

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 98ms
32ms Preflight 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 02 May 2021 16:19:15 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
398 B 187ms
91ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

Date: Sun, 02 May 2021 16:19:15 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 49ms
29ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210428&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e5ae1415eee5faaf7bb30ab128fef3192a573638d89f9cd563a8036b4acd961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 May 2021 16:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7796
x-xss-protection: 0

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 34ms
34ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/zV1kIZd6FW

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: a6d3c39a1073c625df8426bcfe112857
Date: Sun, 02 May 2021 16:19:11 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 47ms
46ms Preflight
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 02 May 2021 16:19:11 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 02 May 2021 16:19:15 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3739 12 KB
5 KB 23ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 02 May 2021 16:09:52 GMT
expires: Mon, 02 May 2022 16:09:52 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 564
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3739 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kDRksX2Ww4e_xNClAyIBt4DTtML4DGkgzzkDas1N7gE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 16:24:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 172479
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5651
x-xss-protection: 0
expires: Sat, 30 Apr 2022 16:24:37 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210428&jk=1586645955250515&bg=!9_Sl9LDNAAZLnZBaS507ACkAdvg8Wnjarj38sb-_U9kFIrQeOfxIV0T38CQAeu4-63wopVCs2iFiCQIAAACJUgAAAAtoAQcKAQPOe5PPrbgzQhMshQOwtzN6yZ36lkPbP7wCeaHjBkkaldbMEWZc98D82-xmLC_WYVgsOxAy9OHlGlF3cZ48QhxkDgDQa-gIejJXANhE-1RZXYisj7qOFC-ZZ0fuILtNiaFlKVWJgtnHnt4mYPnKBsrIJZQaKXByBgmmsy9g3csr-7czsplacXE9eJcBMM08WjI_8VBTIWAq2N3Wj5cqN_hvpVoEMjgNCUdC0P7xGSnk9IdLjeJNTBbUOGambVHVr9hyLe5x1fhshFyfPa_9g1xFak8J0QQPIHQQUS53qcnnCniAoSzACG_I8oSPTxp7_WIgsJ_K2z5h7xKMEUKeucfuxMAymQJAquF6cojgj3TaIMDtCEOHXxzAUIoGoPmQ5jyGljpRxTIXtJgaqs5en6uyb69rDas2kYTN_pWd68LUlEX5gNcNbPYNkHSxw3gLesyjnLnHL8bNgTFI7rhTkpE42L4WqUg-GObiTxhAsuVD1-pPi4bMUqbvRcez1cVU6TYsDptnakIic3ja5RAyYammqRZxyLLPNXIpbCIWcqoJdZMSzy6CBd07v_yv77n1DGlDo98zBhe4bL1YkUeOhTvxKhWOVu9bJlzfFZRX8VpPuT-zO9AHnYCDBI4eEz8h1PqpVUMu5vynKoFbNVUR657EQlwGyz6HbzkHCyFQDd84VVEiU18Jtj_6Y9AoPMYIZc39vvWcpj7-YsMDUnKQ_9d2O8lb7rI3um0F45CssjKWmEpm1MfmcRvzmMhZX4RcW3zBARGYWMQYHw2j6p3UQracMduF5WGJp8fJm60dE9AraWTxNLCb8PHbh3p-yBszNGAbUvWMW7v3j5z7GCgK2ehfRp3Jy9HbioYjUScFer9auYZ02viWggMwdAB8OsmoGMjnvKC_wuDSLyaUbYTH8o3xJPuVPf5vDg22NPx7ExbC-PxCjeNrZaNSB9rK3djg0q-9UJmTw-fey1_SmOLKzcBFByqUS7jTFhit77fPrE8JLoEnNW92sDyAJ59MJD9IxSeybQR1U3Thw7R83aQfRSIgsL8f0GXkvqgSu2d2bT6LU4UUd12ZNGfNDYkBNhyrwnBZBRbDoNpR_Dm1lWtO2R9e94G2qCBX

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 May 2021 16:19:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dGrtoj_-ZXyTqLWpMgnBgyrxoIHHcpWLurXBbfjCtEBQ0q78hN_lxkEU6NSTUEg2_BQz7HEZytlS_eEXcIhebRTaUUOue-lR3-IvM-scuvqihW5pLM-lG_TV_D8TZwjde3NZLX9zK6U9PJpkTJUoF5vHm_eal10CUy73uF1Hf9zAt-Wg_ZeT-YMj_BtXi2hLH5sfn...
dutorterraom.com/impression/ 43 B
326 B 114ms
41ms Image
image/gif 139.45.197.14
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dutorterraom.com/impression/dGrtoj_-ZXyTqLWpMgnBgyrxoIHHcpWLurXBbfjCtEBQ0q78hN_lxkEU6NSTUEg2_BQz7HEZytlS_eEXcIhebRTaUUOue-lR3-IvM-scuvqihW5pLM-lG_TV_D8TZwjde3NZLX9zK6U9PJpkTJUoF5vHm_eal10CUy73uF1Hf9zAt-Wg_ZeT-YMj_BtXi2hLH5sfna-CmZyTLFxHBCQfg-D89fmHNo8iK-Ws5RjNO58vNlVHD80IB3QLOBt5jpxTJgczl6OprraRrF7ccp0w8Bf4MSaD7124hO2itXDIrgNAgffS9m9cT2KHZ0ziwlrHk6l5fwLyQPnUHAmJ2zM0JXKRiYFlHHH_AS29hf3MIR1pxuOI9yhmh-nbiX0sgYXKAj6WOooMlhndXe-jRdi8VJGAUtT9vE95ENarFNQFygOFA4o1rYnhH_m4rejuL5udwtA_Er0pFT1J7Iz0AoayelZTD8IMj-ygTUTnTsa1PKu68MgTUx9s-NASpq8MnxrTyDTtf5ZW02uVGK0tNMiNakRVLr946ONi14QJdyX2XuwL1HRnNsOMjRVbTG4Uj5VbHgjMODw8-weYodmTcLHx5ZsW6IWbLbeZb8QNAeVIUp7Gtx_cucwqVRhVETIJuDDPJF13mgUwL6GuP_N2UiGbP81_vAVE5IkdAZsSz845OUl_tn7qRqRqu8TyYjUlZUgq49nANw==?z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=11&pl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.14 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: d6afb3402d2524527912a05373dff756
pragma: no-cache
date: Sun, 02 May 2021 16:19:22 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0909225031573.png
static.cdnativepush.com/contents/s/cc/cc/0c/1a8aa84aff37b8d69d64e925e1/ Frame 63B9 13 KB
14 KB 39ms
36ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/cc/cc/0c/1a8aa84aff37b8d69d64e925e1/0909225031573.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3545d968cbf164ef0f74d652493fc35b76666eee49b1e80f0a857e14dedd5de4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 02 May 2021 16:19:22 GMT
Last-Modified: Fri, 05 Feb 2021 09:24:19 GMT
Server: nginx
ETag: "601d0ec3-35b9"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 13753

GET
DATA 200
OK truncated
/ Frame 63B9 243 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7915c0fae1490a0700dbc0bf5b62bec22d2e340943f14c93b5d63fd1a173795e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 38ms
38ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=8745754&oaid=5e2c94edfde74edeb931209636527d3e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=12&pl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 02 May 2021 16:19:23 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 3509488 Show response
inpagepush.com/500/ 3 KB
2 KB 133ms
133ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b8a584fe1f639b77498ffd2808a10fd7fc62a7e3b9ac12ce004919a350ebbeaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 7bf931caa508c92b590142af99e28675
pragma: no-cache
date: Sun, 02 May 2021 16:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 4tojXT1T78E-gwjw3WvkfT9aUqTE2OtD77Pbyuij_wIuYC8SeCRaPvaYw9c8-HzcPTCY87yN4wIx6Tz-n2Ely6Z0RHIU4_X-Y2laWm1bhQhO-z16oDQDyYAhR_9jVRtZqCz6BPOnXoHkc6Y6vPfxQemB_WVSBkG-ASKEjsC6RTyfaQhqaRlgIJmdn5loM2pD_bvH0...
dutorterraom.com/impression/ 43 B
325 B 39ms
38ms Image
image/gif 139.45.197.14
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dutorterraom.com/impression/4tojXT1T78E-gwjw3WvkfT9aUqTE2OtD77Pbyuij_wIuYC8SeCRaPvaYw9c8-HzcPTCY87yN4wIx6Tz-n2Ely6Z0RHIU4_X-Y2laWm1bhQhO-z16oDQDyYAhR_9jVRtZqCz6BPOnXoHkc6Y6vPfxQemB_WVSBkG-ASKEjsC6RTyfaQhqaRlgIJmdn5loM2pD_bvH0QDfA0dAHXw1Sejz0_E9igbLrq0XieOdrVZ2pUBo3fV2fSByMdyf4sik8PXsvQGtwYIrpxUA45pGpMPdID4xf5MzP_NrtZ935yTcIe5FiimFl_tNnODkAfvK504MWKsZxgY0qPtcBx8WmDdnEwvm5QVxPH66KOhy-1HMQqF4pobmjbqNim5dtQ139wz77HT8JYlyePtS5p3S0oCpslsb6pYxVmo5CzzJqirmlihJEBGYFvMGtAIo2hamlXSOcy7j1JufXDk6gqLFh_za9zlIHfEUIN67nYdq9x8mwDVwLkGpZefDMW0_iWrZrKP_NEB7djAct3Ry7KqBdWqhRqRBS3vddcdnzt_f4dDi9WW4v4lCGnQj0qk9C2BIFoEhvqOQsqyD4S9OJgNRYGI5zU2aCpnHFGIxjb0AxYH_C3PjJUqLG8amDEHIcKMvAbt2d-xvcSK9TlTIhBnf1Bj-cT15ljhh8ANEMXFx0a18FvOQeLsOBqWLuz2NNtHnzPLiDz_Qcw==?z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=12&pl=https%3A%2F%2Fpaste.co.id%2FzV1kIZd6FW&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.14 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 137a35c594cef9c5cbb2a5cbc89575ca
pragma: no-cache
date: Sun, 02 May 2021 16:19:28 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 anime_bg.png
ipp.littlecdn.com/web/static/ Frame 63B9 193 KB
193 KB 24ms
22ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipp.littlecdn.com/web/static/anime_bg.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0c33471158b183e0cc6bde6fd6fa614e82220087dc9a05017571ddad9c4426b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:28 GMT
cf-cache-status: HIT
age: 2587
cf-ray: 649292466c91c2db-FRA
content-length: 197263
cf-request-id: 09cf79bffe0000c2db210f7000000001
last-modified: Thu, 24 Sep 2020 10:59:05 GMT
server: cloudflare
etag: "a72c40cac24998b80ccdaba87731a296"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 May 2021 15:36:21 GMT

GET
H2 200 anime_male.png
ipp.littlecdn.com/web/static/ Frame 63B9 16 KB
16 KB 26ms
24ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipp.littlecdn.com/web/static/anime_male.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f40eb8f12acaa274789ed4fd686d118c75446d263a3951e27a0ed27a3cddfc8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:28 GMT
cf-cache-status: HIT
age: 2646
cf-ray: 649292466c95c2db-FRA
content-length: 16050
cf-request-id: 09cf79bffe0000c2dbf88d2000000001
last-modified: Thu, 24 Sep 2020 10:59:09 GMT
server: cloudflare
etag: "07ca5abe3dc9bf4ebbc7c8ed98b2491e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 May 2021 15:35:22 GMT

GET
H2 200 anime_female.png
ipp.littlecdn.com/web/static/ Frame 63B9 17 KB
17 KB 26ms
24ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipp.littlecdn.com/web/static/anime_female.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af00002220c22fbb4d3b3fcf80eac8e89f1f1432ad4c0b5f010a083c769f0210

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:28 GMT
cf-cache-status: HIT
age: 2598
cf-ray: 649292466c98c2db-FRA
content-length: 17347
cf-request-id: 09cf79bfff0000c2db210f8000000001
last-modified: Thu, 24 Sep 2020 10:59:08 GMT
server: cloudflare
etag: "6c7efb9606534b9559fd8489a9552de7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 May 2021 15:36:10 GMT

GET
H2 200 anime_close.png
ipp.littlecdn.com/web/static/ Frame 63B9 10 KB
10 KB 21ms
20ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipp.littlecdn.com/web/static/anime_close.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c05b59c065f80b61637991e37a9e69757d76b64b43d227b5c17a0593f23ccd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:28 GMT
cf-cache-status: HIT
age: 2787
cf-ray: 649292466c9ac2db-FRA
content-length: 10386
cf-request-id: 09cf79bfff0000c2db0d040000000001
last-modified: Thu, 24 Sep 2020 10:59:06 GMT
server: cloudflare
etag: "d05a5f55b79df2c78093c4088ad8ecda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 May 2021 15:33:01 GMT

GET
H2 200 01020141423258.png
littlecdn.com/contents/s/2a/05/20/cf0076b073ef2616ef2756b927/ Frame 63B9 66 KB
66 KB 18ms
17ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/2a/05/20/cf0076b073ef2616ef2756b927/01020141423258.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9411bba13ac9d988cf2adddd933602dd8923d1cb8afb0241e4daa7a914d1ff1b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:19:28 GMT
cf-cache-status: HIT
age: 3592
content-length: 67442
cf-request-id: 09cf79c0320000c2dbdc01d000000001
last-modified: Wed, 19 Aug 2020 15:30:58 GMT
server: cloudflare
etag: "5f3d45b2-10772"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 64929246bd4ac2db-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

Verdicts & Comments Add Verdict or Comment

216 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paste.co.id/	1970-01-19 17:59:39	Name: pasteshr_session Value: eyJpdiI6IkdzSk9rMkRrNGNLMkpJaDh4WU1aNlE9PSIsInZhbHVlIjoibTk0cFpVRGptZHdoVVwvM0dkTmJHVUE3TkhBMUp1dm1ueFpEMHB3UWEwb2Njb3JueUpWSmxqU2RTdUNPSk5vcVciLCJtYWMiOiIzYTk0Zjk1ZTg0ODQwODVjOGJkZGQyNDFiOTk5ZTg2ZjcyNWY2NzY5Yjk4NjczZjUwYTc1NmUxOGRjNzE0YTI2In0%3D
.paste.co.id/	1970-01-20 11:30:44	Name: _ga Value: GA1.3.1878121015.1619972353
.paste.co.id/	1970-01-19 17:59:32	Name: _gat_gtag_UA_174907544_1 Value: 1
.paste.co.id/	1970-01-19 17:59:32	Name: _gat_gtag_UA_137362802_1 Value: 1
.doubleclick.net/	1970-01-20 03:21:08	Name: IDE Value: AHWqTUlPPvA7IIzMt_OvjKaEl4rN34EF5-6w3Q1guKloNN1E24HmwVZTKHTKz3TemAk
paste.co.id/	1970-01-19 17:59:39	Name: XSRF-TOKEN Value: eyJpdiI6Inc3dXluUUl0clBkQ29lSlRvdjdaTEE9PSIsInZhbHVlIjoiT0c4eHViK2xpXC8wS1JySXd2RTg1S3hIbnJVdzhaQjRFbzdJYnRsb2Q0Y0RBRWJpeFUzcVo1MmtlTDhka1Nzd0siLCJtYWMiOiJkYTkwNDAzZmVjYjE3MTQwNjYxM2YxOTU1NmFlZTEwMzM2ZTY4NGExNmI0ODk2Y2ZjNTU3MzFmMTI5NmZiYjcxIn0%3D
.paste.co.id/	1970-01-19 18:00:58	Name: _gid Value: GA1.3.1147465148.1619972354

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bedrapiona.com
berkas.co
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dutorterraom.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
iclickcdn.com
inpagepush.com
ipp.littlecdn.com
jadserve.postrelease.com
jsc.mgid.com
littlecdn.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
my.rtmark.net
o.wowreality.info
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
paste.co.id
prod.perf-serving.com
pseepsie.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
static.cdnativepush.com
static.lalaping.com
stats.g.doubleclick.net
toglooman.com
token.rubiconproject.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.qrcoder.co.uk
x.bidswitch.net
104.111.230.142
104.16.199.73
104.19.132.78
104.19.134.78
104.19.217.61
109.203.125.88
139.45.195.254
139.45.195.8
139.45.196.136
139.45.196.209
139.45.197.14
139.45.197.156
139.45.197.234
139.45.197.237
139.45.197.239
139.45.197.243
142.250.185.98
142.250.186.34
173.249.18.21
18.195.177.11
185.184.8.30
23.79.143.124
2606:4700:10::6816:1974
2606:4700:20::ac43:4b09
2606:4700:20::ac43:4b21
2606:4700::6810:135e
2606:4700::6812:acf
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9b
3.127.166.11
35.212.212.222
5.189.137.168
54.67.80.248
69.173.144.165
76.223.111.131
99.86.149.45
02f4e744bf2d5c62fdf46c942adb8eaeba1cb799c8cbd08c8b3406e3cdf2bb6c
031f00b22a8c37dc6f3a8ea8e33f3d958a579bb1fcddc00c9409a24d1e07c259
05456c1d20ceca65f7c4e3e88940e386f4b2b8b90f36a198e2b9168d01a519ec
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8
0dc6aef7c3dc6c0d650db4782562b66a26ef4c9a0a9c7f80ba0117e1cbce20ae
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1be762ca8b026343f192db6cc5b13e8e8247204397b90e86bfd3efb7a8bc0f92
237b757471e0eda4c69dd3b31f44fc91f1b5ce56054617260250ec763ad89cd6
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
2713931e789c433f2ddd4f75f835064fb7ffcf477205ad25fced0f10c04a6c60
29c05b59c065f80b61637991e37a9e69757d76b64b43d227b5c17a0593f23ccd
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2ab478e9edb837aa679a4ed9a14eb909410ae11c6a88aa5336d1dc12b4addf39
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2c2d57216a359c0920452ad7672378b025c79ba102e6edd9f3616232c63210b0
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3545d968cbf164ef0f74d652493fc35b76666eee49b1e80f0a857e14dedd5de4
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
3ad5edcd61d0751f2d4fd182899be940061137c0adb7af1a50bd8e176813bbca
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
42df38af75cdf94ea2b06ee79333679f1fd50c1a4a6c87266a0db434bfc43bd0
436845f0115705072e5de39f65e101ba10775334578ec1d0b209f1b857574f8c
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50bc7badf9f942668616ae8debe7ba69dac91ec7705ca0be11a04bf6fd0bfb04
532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
577e621432e58b2045d157f4e4cd7892763daa7271b98ff95647c5331d260de7
585551bc7b5fa153d86f9c27f754f1d06292bf9393dce87d3862bee66ce41181
5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09
62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5ae1415eee5faaf7bb30ab128fef3192a573638d89f9cd563a8036b4acd961
714e4b742a1ddc3565cfb472ac59b37a1bc03dd471e5d51a13647bfced2dbf5c
71922c96becf2a3bc84072ece4f9a39f15b587d9102739d799373fcff9909fe9
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7915c0fae1490a0700dbc0bf5b62bec22d2e340943f14c93b5d63fd1a173795e
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
7c45c9bf3189b8c7a74c01957bd346d229e623aaa4cc215560499e83887b2d10
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
846bc7f337382bd3a247081330309cf752863530de9e50e052ecbfbc4e94cb88
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8eff3e7a084be3c610ab7c8e6f65f858cdcd98d797fa1a3051551b2c618165af
8f40eb8f12acaa274789ed4fd686d118c75446d263a3951e27a0ed27a3cddfc8
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
903464b17d96c387bfc4d0a5032201b780d3b4c2f80c6920cf39036acd4dee01
9411bba13ac9d988cf2adddd933602dd8923d1cb8afb0241e4daa7a914d1ff1b
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
9890b523125c63685ab6e157e022072740363afb75a023b694cec0b986a25481
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a189243fe4d6bd3413c8c476d1a9b039763ff0e759bc42df5c4bbc6ddeaf794f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a27d4fc52ed53701780f86f13dbfe1f484494b71f4209e624642ea785ed1487d
a2b6540fc10171c39f905869a1551d7685c585c791de358235a1431cae75632a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab96466cc0eed815ad3b3940fe7c9d64859162a835001798ccb5b14c8fa97f8e
acd11bcd9d35d4460505907fd1f0f94f30a41a57dbd61226217581b050ef3bc2
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af00002220c22fbb4d3b3fcf80eac8e89f1f1432ad4c0b5f010a083c769f0210
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b6d0cd742a198805ce2b0ad6d533898464553bf5f804c8fc96689e5a03073331
b8a584fe1f639b77498ffd2808a10fd7fc62a7e3b9ac12ce004919a350ebbeaa
b8c0fab01b7993a3f88a8a2c25db50f8457c41860dd36e3c7969302dcaf0bd8c
b8c3f71afbeeed7e2dd4c4f436a8f1b75b8cc09a9849ef2f842016500d0f4788
bc302d3edfd14d6811c7dfe618531da49f9b67bb6c997ee88c993e9ca06529c7
bf3913065b4e4c05bbfe5b261b6227f79b5ae3b9ece80c90da9527e1b7920ac2
bfca681ab67c23df82e652f1e5959f8e519385f8fba0266eb6f504389770ee4c
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c66349b55d5d119b585c2ddf90e9f934d4a2ea9277001e5276763b9db4d99ae7
c718830a02116b19aeb65a9e8338c48c77f45968b75dabe71048cd0e606b6259
c74a8778f0a6a69b0af79a40e697d5657171d91181d614670da64aaa78ba0fd9
cb3bf642ca0b9894a1bf34fc3b5bbaaa29d66736e8e954a044d0efae153064ec
cc04af471245cade1ce31e02d776053ce83e360750a7cb59bbbecc5371eee4ea
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf10a3f6fdcb1babbab751e304b4cffca3ccbc67ec9090fe0a529e07211a1b08
d32e38a74e431b76f4fe7fef3483ebe3aa2db680ee34b5c4ac48034fcdfcd451
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
de0098b453750bb7beaedbd260a54dcee38b3e077869350ec9378a7102dd652d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0c33471158b183e0cc6bde6fd6fa614e82220087dc9a05017571ddad9c4426b
e18e7cd260a222b1afd64c7b0be9a9b0c7e43110cfeffcc98d23cb6b17a85b08
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54cfc3ffc7283b374cf04246ea62c1f5067f10843a962fcc5ed4462b324868e
fbe28a1b807c1e7e6c98e4c5900817dc26fe9ee04cd549d97c9cdb057003ab78
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

paste.co.id Open in urlscan Pro 5.189.137.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

143 Requests

100 %HTTPS

42 %IPv6

39 Domains

52 Subdomains

44 IPs

5 Countries

2003 kBTransfer

4469 kBSize

7 Cookies

83 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

100 %
HTTPS

42 %
IPv6

39
Domains

52
Subdomains

44
IPs

5
Countries

2003 kB
Transfer

4469 kB
Size

7
Cookies

143 HTTP transactions
4 data transactions