paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste.co.id/U4QpQI3Ncp
Submission Tags: falconsandbox
Submission: On September 11 via api (September 11th 2021, 6:06:08 pm UTC) from US — Scanned from DE

Summary HTTP 155 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 42 domains to perform 155 HTTP transactions. The main IP is 5.189.137.168, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is paste.co.id.
TLS certificate: Issued by R3 on August 21st 2021. Valid for: 3 months.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	5.189.137.168 5.189.137.168	51167 (CONTABO) (CONTABO)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
6	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
13	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
21	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.203.125.88 109.203.125.88	31727 (NODE4-AS) (NODE4-AS)
2	74.125.133.97 74.125.133.97	15169 (GOOGLE) (GOOGLE)
1	104.26.12.118 104.26.12.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
4	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
3	74.125.206.138 74.125.206.138	15169 (GOOGLE) (GOOGLE)
6	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
5	74.125.133.156 74.125.133.156	15169 (GOOGLE) (GOOGLE)
1	66.102.1.155 66.102.1.155	15169 (GOOGLE) (GOOGLE)
7	173.194.76.147 173.194.76.147	15169 (GOOGLE) (GOOGLE)
1	172.67.75.33 172.67.75.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	139.45.197.162 139.45.197.162	9002 (RETN-AS) (RETN-AS)
4	139.45.197.156 139.45.197.156	9002 (RETN-AS) (RETN-AS)
1	74.125.206.155 74.125.206.155	15169 (GOOGLE) (GOOGLE)
1	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
3	139.45.197.240 139.45.197.240	9002 (RETN-AS) (RETN-AS)
4	104.22.25.116 104.22.25.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.162.156.35 178.162.156.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 5	99.84.82.74 99.84.82.74	16509 (AMAZON-02) (AMAZON-02)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	209.205.219.146 209.205.219.146	55081 (24SHELLS) (24SHELLS)
5 5	18.195.239.175 18.195.239.175	16509 (AMAZON-02) (AMAZON-02)
3 4	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	96.46.183.20 96.46.183.20	7979 (SERVERS-COM) (SERVERS-COM)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
2	142.250.80.1 142.250.80.1	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2	139.45.197.238 139.45.197.238	() ()
155	38

16 5.189.137.168 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi465240.contaboserver.net

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dozubatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

seeptoag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pseepsie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.125.88 (United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: server.switchtowood.co.uk

www.qrcoder.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.133.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.12.118 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.206.138 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 173.194.76.147 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.33 (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.162 (United Kingdom)

ASN9002 (RETN-AS, GB)

interst12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.156 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f155.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.240 (United Kingdom)

ASN9002 (RETN-AS, GB)

propeller-tracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.22.25.116 (None, )

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.156.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

perf.cdnads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.84.82.74 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-82-74.muc50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.205.219.146 (Piscataway, United States)

ASN55081 (24SHELLS, US)
PTR: static-146-219-205-209.24shells.net

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.239.175 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-239-175.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.183.20 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.1 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.139.243 (Piscataway, United States) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.238 (None, )

ASN- ()

forflygonom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	376 KB
16	paste.co.id paste.co.id	409 KB
10	seeptoag.net seeptoag.net	64 KB
8	google.com www.google.com adservice.google.com	36 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	175 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	11 KB
6	toglooman.com toglooman.com	126 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	3 KB
5	interst12.com interst12.com	159 KB
5	inpagepush.com inpagepush.com	33 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	littlecdn.com littlecdn.com	35 KB
4	cdnativepush.com static.cdnativepush.com	8 KB
4	rtmark.net my.rtmark.net	2 KB
4	cloudflare.com cdnjs.cloudflare.com	49 KB
3	propeller-tracking.com propeller-tracking.com	4 KB
3	pseepsie.com pseepsie.com	44 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	forflygonom.com forflygonom.com	650 B
2	wowreality.info o.wowreality.info	398 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	755 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	907 B
2	1rx.io 2 redirects sync.1rx.io	743 B
2	unrulymedia.com 1 redirects usermatch.targeting.unrulymedia.com sync.targeting.unrulymedia.com	614 B
2	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	1 KB
2	googletagmanager.com www.googletagmanager.com	81 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	lentainform.com cm.lentainform.com	495 B
1	idealmedia.io cm.idealmedia.io	413 B
1	cdnads.com perf.cdnads.com	323 B
1	googletagservices.com www.googletagservices.com	27 KB
1	googleadservices.com partner.googleadservices.com	626 B
1	lalaping.com static.lalaping.com	34 KB
1	onmarshtompor.com onmarshtompor.com	833 B
1	dozubatan.com dozubatan.com	30 KB
1	bedrapiona.com bedrapiona.com	2 KB
1	iclickcdn.com iclickcdn.com	22 KB
1	qrcoder.co.uk www.qrcoder.co.uk
0	e-volution.ai Failed sync.e-volution.ai Failed
155	42

	Domain	Requested by
17	s-img.mgid.com	jsc.mgid.com
16	paste.co.id	paste.co.id cdnjs.cloudflare.com
10	seeptoag.net	paste.co.id seeptoag.net
8	cm.mgid.com	jsc.mgid.com s.adtelligent.com
7	www.google.com	paste.co.id tpc.googlesyndication.com
6	toglooman.com	iclickcdn.com toglooman.com
6	pagead2.googlesyndication.com	paste.co.id pagead2.googlesyndication.com tpc.googlesyndication.com
5	x.bidswitch.net	5 redirects
5	sb.scorecardresearch.com	2 redirects jsc.mgid.com
5	interst12.com	toglooman.com interst12.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	inpagepush.com	paste.co.id inpagepush.com
4	littlecdn.com	interst12.com
4	cdn.mgid.com	paste.co.id jsc.mgid.com
4	static.cdnativepush.com	paste.co.id inpagepush.com
4	c.mgid.com	jsc.mgid.com
4	my.rtmark.net	paste.co.id onmarshtompor.com inpagepush.com
4	cdnjs.cloudflare.com	paste.co.id
3	servicer.mgid.com	jsc.mgid.com
3	propeller-tracking.com	interst12.com propeller-tracking.com
3	pseepsie.com	iclickcdn.com pseepsie.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	forflygonom.com
2	o.wowreality.info	static.lalaping.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	rtb-usw.mfadsrvr.com	2 redirects
2	creativecdn.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	match.adsrvr.org	2 redirects
2	sync.1rx.io	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	www.googletagmanager.com	paste.co.id www.googletagmanager.com
2	jsc.mgid.com	paste.co.id jsc.mgid.com
2	maxcdn.bootstrapcdn.com	paste.co.id maxcdn.bootstrapcdn.com
1	sync.adtelligent.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.g.doubleclick.net	1 redirects
1	cm.lentainform.com
1	cm.idealmedia.io
1	sync.targeting.unrulymedia.com
1	usermatch.targeting.unrulymedia.com	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	perf.cdnads.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.lalaping.com	toglooman.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	onmarshtompor.com	iclickcdn.com
1	dozubatan.com	iclickcdn.com
1	bedrapiona.com	iclickcdn.com
1	iclickcdn.com	paste.co.id
1	www.qrcoder.co.uk	paste.co.id
0	sync.e-volution.ai Failed
155	55

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
www.imdb.com
blog.goo.ne.jp
q.hatena.ne.jp
answers.launchpad.net
gist.github.com

Subject Issuer	Validity	Valid
paste.co.id R3	`2021-08-21` - `2021-11-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
inpagepush.com R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
seeptoag.net R3	`2021-08-11` - `2021-11-09`	3 months	crt.sh
qrcoder.co.uk cPanel, Inc. Certification Authority	`2021-08-14` - `2021-11-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
bedrapiona.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
dozubatan.com R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh
pseepsie.com R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
toglooman.com R3	`2021-09-07` - `2021-12-06`	3 months	crt.sh
onmarshtompor.com R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
interst12.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
cdnativepush.com R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
propeller-tracking.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-05` - `2021-11-05`	a year	crt.sh
*.cdnads.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-07` - `2021-11-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
wowreality.info R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
forflygonom.com R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://paste.co.id/U4QpQI3Ncp
Frame ID: A177774E002EA0D6EDC119AB828DA899
Requests: 117 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=5f37bc7e692e4808b6aa434f8cbc9c29&oaidts=1631383552
Frame ID: 2554F579511D8FADA7D1266C0CCB0B8E
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: C6A409FE221697971E9A7566B1FDD191
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: 79610879F656F30E8FBEEC7F74C044A8
Requests: 1 HTTP requests in this frame

Frame: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Frame ID: 3DB7F678D00B637A77D75F545862D00D
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1631383553&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383552972&bpp=3&bdt=686&idt=442&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7468184500076&frm=20&pv=2&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=455
Frame ID: E656885147233D9E554570D4E33A5A03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1631383553&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383553609&bpp=2&bdt=1323&idt=-M&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93b7de212e29d29a-229f5126edca00f0%3AT%3D1631383553%3ART%3D1631383553%3AS%3DALNI_MZ8BM7MFi7B-D9euN1yK-DlBcdKDw&prev_fmts=0x0&nras=2&correlator=7468184500076&frm=20&pv=1&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=92eHuExA18&p=https%3A//paste.co.id&dtd=10
Frame ID: AA4E168C5C92001FB1F6E2E62A97FE2F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1631383553&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383553609&bpp=1&bdt=1324&idt=-M&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93b7de212e29d29a-229f5126edca00f0%3AT%3D1631383553%3ART%3D1631383553%3AS%3DALNI_MZ8BM7MFi7B-D9euN1yK-DlBcdKDw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7468184500076&frm=20&pv=1&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=1979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=UbdHWrQSVH&p=https%3A//paste.co.id&dtd=15
Frame ID: BB68DB56BB7402585801464C40EA914C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631383553&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383553609&bpp=1&bdt=1324&idt=0&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93b7de212e29d29a-229f5126edca00f0%3AT%3D1631383553%3ART%3D1631383553%3AS%3DALNI_MZ8BM7MFi7B-D9euN1yK-DlBcdKDw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7468184500076&frm=20&pv=1&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Fza4FZivgT&p=https%3A//paste.co.id&dtd=18
Frame ID: E317D0031E11153EB51C186D6CFCD4D1
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1631383553880485114676
Frame ID: F38B0694B33608EDB789E612D6F7C552
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 3693074B8B223E64B228DAAD32FA818F
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 541EDB120FD6770197A0E9D44B848420
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BD0576370077CD5F087758339130573C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5676B840C85CCAE8075D4F959944A798
Requests: 2 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/0738745987824.png
Frame ID: 0BE37FF75E2230D6C5D97FB471C6A787
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

56897fsdh - Paste.co.id

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prism (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

prism\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

155
Requests

99 %
HTTPS

0 %
IPv6

42
Domains

55
Subdomains

38
IPs

5
Countries

1849 kB
Transfer

4113 kB
Size

45
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997452

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164857/i/57333099/0/pp/1/1?h=xv9I7Km__XWvyNreD2mw7JIyz8ujVAtMmxA3I5O59Oabz3zaTG1UsvcMk-qcRRKn&rid=e79ffeef-132a-11ec-b63a-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1&muid=l8bR8wC3yz5b

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193510/i/57333099/0/pp/2/1?h=xv9I7Km__XWvyNreD2mw7KAy-eefVGwSwatesX6rutH0tyRZssjjL-20CS8fDtuJ&rid=e79ffeef-132a-11ec-b63a-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1&muid=l8bR8wC3yz5b

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164920/i/57333099/0/pp/3/1?h=xv9I7Km__XWvyNreD2mw7E7KCz3iuNnPJP2Dm4XQY9o9YG0fyeXUEWQXP3LZmbAW&rid=e79ffeef-132a-11ec-b63a-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1&muid=l8bR8wC3yz5b

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164841/i/57333099/0/pp/4/1?h=xv9I7Km__XWvyNreD2mw7HyIwuWgwariIUSe4eFi8lG1B08unJpAIy4Zqh61eva8&rid=e79ffeef-132a-11ec-b63a-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1&muid=l8bR8wC3yz5b

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965678/
Title: https://www.imdb.com/list/ls097965678/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965611/
Title: https://www.imdb.com/list/ls097965611/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965638/
Title: https://www.imdb.com/list/ls097965638/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965669/
Title: https://www.imdb.com/list/ls097965669/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965677/
Title: https://www.imdb.com/list/ls097965677/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965683/
Title: https://www.imdb.com/list/ls097965683/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965202/
Title: https://www.imdb.com/list/ls097965202/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965251/
Title: https://www.imdb.com/list/ls097965251/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965270/
Title: https://www.imdb.com/list/ls097965270/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965279/
Title: https://www.imdb.com/list/ls097965279/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965269/
Title: https://www.imdb.com/list/ls097965269/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965226/
Title: https://www.imdb.com/list/ls097965226/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965240/
Title: https://www.imdb.com/list/ls097965240/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965295/
Title: https://www.imdb.com/list/ls097965295/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965285/
Title: https://www.imdb.com/list/ls097965285/

Search URL Search Domain Scan URL

URL: https://blog.goo.ne.jp/weddoz/e/7c070b14b0fe6f122cfad0ce3d8db509
Title: https://blog.goo.ne.jp/weddoz/e/7c070b14b0fe6f122cfad0ce3d8db509

Search URL Search Domain Scan URL

URL: https://q.hatena.ne.jp/1573682219
Title: https://q.hatena.ne.jp/1573682219

Search URL Search Domain Scan URL

URL: https://q.hatena.ne.jp/1573682268
Title: https://q.hatena.ne.jp/1573682268

Search URL Search Domain Scan URL

URL: https://answers.launchpad.net/ubuntu/+question/685849
Title: https://answers.launchpad.net/ubuntu/+question/685849

Search URL Search Domain Scan URL

URL: https://gist.github.com/kmonaalaxiq/87990bebe66d86daf6810756dd370053
Title: https://gist.github.com/kmonaalaxiq/87990bebe66d86daf6810756dd370053

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164907/i/57333099/0/pp/1/1?h=xv9I7Km__XWvyNreD2mw7MntARUKECv-p45PN0xLBSAd0OXQ-zfuvCy7xs4QRleQ&rid=e7a01d90-132a-11ec-b63a-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164841/i/57333099/0/pp/2/1?h=xv9I7Km__XWvyNreD2mw7HyIwuWgwariIUSe4eFi8lECj34HwpQme1p6DvAEV4gO&rid=e7a01d90-132a-11ec-b63a-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193526/i/57333099/0/pp/3/1?h=xv9I7Km__XWvyNreD2mw7CgtFzCuBeCy9iutwYi7KXIMhsh7by8MUgFXhsrQqI43&rid=e7a01d90-132a-11ec-b63a-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164912/i/57333099/0/pp/4/1?h=xv9I7Km__XWvyNreD2mw7Egvkr7KUFjmTgE9tKV5B26KnW3dI3xM-3bAWKugDBXl&rid=e7a01d90-132a-11ec-b63a-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193499/i/57333099/0/pp/1/1?h=xv9I7Km__XWvyNreD2mw7Adfn80mGP0DBIhTeVRumC5Klm_ar0GoDNjXlZCrrkAN&rid=e7a0a0e5-132a-11ec-9cb1-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1&muid=l8bR8wC3yz5b

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193504/i/57333099/0/pp/2/1?h=xv9I7Km__XWvyNreD2mw7Hl9U37eMe__mkQeim3tIcviqC4Rfd6KrnKS4oEs01UM&rid=e7a0a0e5-132a-11ec-9cb1-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1&muid=l8bR8wC3yz5b

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164890/i/57333099/0/pp/3/1?h=xv9I7Km__XWvyNreD2mw7J5bwzkoINRwtxlCHjU7oPjw3jvWR5LUflZg7p3IG2lF&rid=e7a0a0e5-132a-11ec-9cb1-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1&muid=l8bR8wC3yz5b

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164857/i/57333099/0/pp/4/1?h=xv9I7Km__XWvyNreD2mw7JIyz8ujVAtMmxA3I5O59ObsfLjLovFub_tKci3Dd-V7&rid=e7a0a0e5-132a-11ec-9cb1-d0946675f626&tt=Direct&att=3&afrd=8&iv=11&ct=1&muid=l8bR8wC3yz5b

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 124

https://x.bidswitch.net/sync?dsp_id=303&user_id=l8bR8wC3yz5b HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l8bR8wC3yz5b HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/00291a84-3de3-4dbc-8c08-d51dcfe7e618?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/00291a84-3de3-4dbc-8c08-d51dcfe7e618?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/00291a84-3de3-4dbc-8c08-d51dcfe7e618?zcc=1&dspret=0&cb=1631383554315 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-17d63829-104a-49ba-9390-ef57b57a294e-003

Request Chain 126

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=26d2ceff-e412-4165-ab6a-30445d4b82a3&ttl=1633975554

Request Chain 127

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=ecdcb628-25c0-53fe-96df-c72af7e33728&ssp=mgid&expires=30&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=00291a84-3de3-4dbc-8c08-d51dcfe7e618&gdpr=&gdpr_consent=&us_privacy=

Request Chain 128

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=hcV59Y9dpuCMdRyze03r&pi=mgid&tc=1

Request Chain 129

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=fce8ca69-2116-4216-a9a0-4f90f5db267a

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDhiUjh3QzN5ejVi&muidn=l8bR8wC3yz5b HTTP 302
https://cm.mgid.com/google?muidn=l8bR8wC3yz5b&google_ula={guid},5&google_gid=CAESENjN-8vO2Nve0XFMZyZBxSA&google_cver=1

Request Chain 132

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1631383553994&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631383553994&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9=

Request Chain 133

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1631383553995&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631383553995&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9=

Request Chain 137

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=13493298d8585539

155 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request U4QpQI3Ncp Show response
paste.co.id/ 85 KB
25 KB 2979ms
2299ms Document
text/html 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: c999d28f053582f6e78b22191ea6b6291c80df51035f685544c4f7f2ff212fa3

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /U4QpQI3Ncp
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
set-cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; expires=Sat, 11-Sep-2021 20:05:52 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D; expires=Sat, 11-Sep-2021 20:05:52 GMT; Max-Age=7200; path=/; httponly
content-encoding: gzip
vary: Accept-Encoding
content-length: 24950
date: Sat, 11 Sep 2021 18:05:52 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 68ms
25ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 12227606
cdn-cachedat: 2021-04-23 07:08:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ec580bd8b923316e0940945df3d5dddc
cf-ray: 68d2d3a23f0127b4-PRG
cdn-requestcountrycode: CZ
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.css
paste.co.id/css/ 138 KB
18 KB 17ms
15ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/U4QpQI3Ncp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "22688-5be452f6-4a15aa;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 18560
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H2 200 mdb.min.css
paste.co.id/css/ 226 KB
22 KB 20ms
18ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

:path: /css/mdb.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/U4QpQI3Ncp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "38940-5be452f6-4a15a9;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22616
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 82ms
25ms Stylesheet
text/css 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 87512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1624
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCO9H4Mlwwf4bFUq1EL13%2BMl9AjahCzCNVk4AKVVFB6dwFwG%2FESPxsDF53qtgt4vKQ%2BVsvlfozKWbqr%2Bbdi%2FMwgX442HQpxaqoRGKhFS9%2B6g5DGvJ6tTkB0yhBvTsaBN2v3C52m6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68d2d3a25abe4107-PRG
expires: Thu, 01 Sep 2022 18:05:52 GMT

GET
H2 200 special.min.css
paste.co.id/css/skins/ 3 KB
866 B 34ms
33ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/skins/special.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Request headers

:path: /css/skins/special.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/U4QpQI3Ncp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
last-modified: Wed, 24 Apr 2019 12:08:22 GMT
server: LiteSpeed
etag: "bab-5cc051b6-5052d5;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 778
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H2 200 app.min.css
paste.co.id/css/ 648 B
311 B 34ms
33ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/app.min.css?v=1.2
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

:path: /css/app.min.css?v=1.2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/U4QpQI3Ncp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
last-modified: Fri, 05 Jun 2020 17:06:52 GMT
server: LiteSpeed
etag: "288-5eda7bac-4a15ad;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 222
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H2 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
3 KB 34ms
34ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

:path: /plugins/prismjs/prism-okadia.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/U4QpQI3Ncp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:43:52 GMT
server: LiteSpeed
etag: "326d-5c50d728-4c4795;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3354
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 353ms
142ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

2bf197fa38847e6db1d4a45ddd4c79159d33ba65664a8f3ab1285bd23b96a0da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49461
x-xss-protection: 0
server: cafe
etag: 16557277385670404818
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 11 Sep 2021 18:05:52 GMT

GET
H2 200 3509488 Show response
inpagepush.com/400/ 84 KB
30 KB 122ms
30ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3509488

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d0e63c12b933f4c70dcf3880a7bbfb550f56a42e3aabed8c2e88f44df994921a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: de74214fa1c8f73d03ca7ec911085022
pragma: no-cache
date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 ntfc.php Show response
seeptoag.net/ 15 KB
6 KB 74ms
17ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/ntfc.php?p=3534037
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8f1385838fa75da4b5f1ea1f44898ed01e77b1f678a1afe30326cd283978fd1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 09:06:02 GMT
server: nginx
etag: W/"612f427a-3b23"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 79ms
78ms Image
image/png 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/img/default-avatar.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

:path: /img/default-avatar.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/U4QpQI3Ncp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
last-modified: Wed, 28 Nov 2018 16:58:44 GMT
server: LiteSpeed
etag: "1b2d-5bfec944-90052b;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6957
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H2 200 paste.co.id.997452.js Show response
jsc.mgid.com/p/a/ 2 KB
1 KB 117ms
46ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79608ed044b1bf4569cf31dcd176a26f53c471a03970ed70464412da09e82ecc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: NVEV87EKW60AHYZ9
last-modified: Wed, 08 Sep 2021 08:19:02 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: x0u/lUat5DtMvU8qO5SPR52R0aKLrmsHclPyWE8rtV9Kyl20SiYsmuUqBOEtWW6jcrIcp0uM9CM=
cf-bgj: minify
server: cloudflare
etag: W/"dea68416d34cb5dd06911963861adb91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 68d2d3a33d74277c-PRG
expires: Sat, 11 Sep 2021 21:05:52 GMT

GET
H/1.1 403
Forbidden /
www.qrcoder.co.uk/api/v1/ 0
0 97ms
27ms Image
text/html 109.203.125.88
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 109.203.125.88 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS: server.switchtowood.co.uk
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 25ms
25ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27433
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7C3zVCKwZsrf0sACGvrN66DvMvXnDZJgJnp29IwvTG59kOlON%2B7dT6OTNFtWBhjmH1QIQZB6pmMRN6fCvbJq138Nw0Rac6Hfg4%2B41EW2OH%2BVTDmRTCzWk4HW%2FWHVr2IkAqV8XWbg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68d2d3a26ad64107-PRG
expires: Thu, 01 Sep 2022 18:05:52 GMT

GET
H3 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 18ms
18ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/U4QpQI3Ncp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c75f-5be452f6-4418f5;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13341
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H3 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
59 KB 19ms
18ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

:path: /js/mdb.min.js?v=2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/U4QpQI3Ncp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:15:46 GMT
server: LiteSpeed
etag: "331d6-5c50d092-441907;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 60235
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H3 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
16 KB 52ms
30ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1202188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15668
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKudsdT7udVgAkiF4txpqdSFWmFiAEEcBdn%2FcfmkL4MPI16rx5nXj3YEkcc4h7EiY3qHIhCfGeBbjGSxrjazH7JE2GTt2gC8oahD6Jj1cEYhKMoAUtjU6g3iRbrhzy%2BVrD0pAmh4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68d2d3a2ec71278c-PRG
expires: Thu, 01 Sep 2022 18:05:52 GMT

GET
H3 200 ads.js Show response
paste.co.id/js/ 22 B
85 B 69ms
67ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/ads.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/U4QpQI3Ncp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
last-modified: Sat, 14 Mar 2020 00:25:06 GMT
server: LiteSpeed
etag: "16-5e6c2462-441908;;;"
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H3 200 app.min.js Show response
paste.co.id/js/ 1 KB
710 B 69ms
67ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/app.min.js?v=1.5
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

:path: /js/app.min.js?v=1.5
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/U4QpQI3Ncp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
last-modified: Sat, 14 Mar 2020 00:34:12 GMT
server: LiteSpeed
etag: "5b0-5e6c2684-4418f7;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 643
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H3 200 prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
112 KB 69ms
67ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

:path: /plugins/prismjs/prism.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/U4QpQI3Ncp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
last-modified: Sat, 24 Nov 2018 17:17:38 GMT
server: LiteSpeed
etag: "521a1-5bf987b2-4c4790;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 114523
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
41 KB 77ms
36ms Script
application/javascript 74.125.133.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

1ebadfc20873c85989ad7e6e26b02cd1bcb89ea20cadce26ae4b4741194c4b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41185
x-xss-protection: 0
expires: Sat, 11 Sep 2021 18:05:52 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 62 KB
22 KB 98ms
28ms Script
text/javascript 104.26.12.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 187120fddf9f88b8bbdec717ed2a51cb226d264558f12d1f813df3eadeccf100

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 22118
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-trace-id: 0d65c7ba4f26dfb7cacb5a7f1029d666
pragma: no-cache
last-modified: Thu, 09 Sep 2021 09:38:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKy7H5kBS%2F%2Bwex8IDJ2BORxrCfFpMxICMGkLKfWWuSZuy4nge6KuMGTV0jOMx2Y5yM6P%2BSTbYDE5AkstGjuQc4slrh82KaNphakm9nBDPgtRE11bPWQbXrCeNfcxfe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 68d2d3a3385b2790-PRG
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Sun, 12 Sep 2021 11:57:14 GMT

GET
H3 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 34ms
34ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
:path: /font/roboto/Roboto-Light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c0e4-5be452f6-900467;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49380
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 90ms
67ms Font
font/woff2 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601, 617, 718
access-control-allow-origin: *
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 123d9c34dd743a6dca7fd22890f35093
accept-ranges: bytes
cf-ray: 68d2d3a2ff5b4131-PRG
cdn-requestcountrycode: CZ
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 51ms
50ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
:path: /font/roboto/Roboto-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c054-5be452f6-900463;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49236
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H3 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 22ms
21ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
:path: /font/roboto/Roboto-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c338-5be452f6-900465;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49976
expires: Sat, 18 Sep 2021 18:05:52 GMT

GET
H2 200 zone Show response
seeptoag.net/ 698 B
982 B 207ms
205ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6f9d506ca46f012b32e85827a5af350f3652633d7a61404c814059ffa66d5a1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 700223f25643422d2d0af793e8dfbde1
date: Sat, 11 Sep 2021 18:05:52 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 698

GET
H2 200 universal.min.js Show response
seeptoag.net/pfe/current/ 101 KB
37 KB 43ms
14ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/universal.min.js?v=3.1.323
Requested by: Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ea5b2f0ae6e51e58a4849658ff814852af1f2134408d0be55062dbcc1b5868fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 09:06:02 GMT
server: nginx
etag: W/"612f427a-192d7"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
4 KB 28ms
28ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 621533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2905
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hLc4T5MTpGXzwx%2BZIZHCUwuNUHgf1g0Kn0bbZNS0lw2fbxs7cMpQT73APCvXEMUaa6QlNAWC9cJbz7eOiuA1yA%2FlRvmZZMDLI7oI80kQ7dZyOw1sC27u8ZU7wc5pJcEJQYdIMF0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68d2d3a4880a278c-PRG
expires: Thu, 01 Sep 2022 18:05:52 GMT

POST
H3 200 get-paste Show response
paste.co.id/ 2 KB
2 KB 305ms
304ms XHR
application/json 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/get-paste
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 533a745b338c9bf0748da352fdf77182678a3ee77d7ab7c1f522d3b2fb1081ad

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: XSRF-TOKEN=eyJpdiI6InpBQVlDUDN1ZndsRkYyVmhsWXFjUVE9PSIsInZhbHVlIjoiOGd5TFdld1djRDhKa1hFc05qdDdmYkV2TVE3ekZPYjFxSGRwbm00dG82dmQ2NDBTRHJ3Y0srZldhUUZBcEdxdiIsIm1hYyI6ImU1Y2FkOGQ1MWI2NWE5MzNlZDRkNjk0YTgxMjBmMzFmYWJmNjZjM2FjNDA4ZDQ0MTVhYTMwZTY0ODFjNGQ3MzEifQ%3D%3D; pasteshr_session=eyJpdiI6IkxKV0Y4aEtCQnV6SXFwVHNJTUZHVFE9PSIsInZhbHVlIjoiXC9MbGhDMU1xaldGaW9qV2d4K1Y0Zk5Md2dvbFlNMU94a3lacTkxaDBIaEJYRFdPYnI2d3pOemw5elY4NTF0N0UiLCJtYWMiOiI0ZWViOGUwZDQyNmFmZTYzM2YyNTg4NDIxNDgzMGJiYzllOGMwMTc2NjAzYjA5NjBjNDQ0ODBmZmQxYmIzNDVhIn0%3D
content-length: 63
:path: /get-paste
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/U4QpQI3Ncp
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://paste.co.id/U4QpQI3Ncp
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
server: LiteSpeed
x-ratelimit-remaining: 58
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
set-cookie: XSRF-TOKEN=eyJpdiI6InUrenhjc1RWUVwvYlRpd0x6YXBodGJ3PT0iLCJ2YWx1ZSI6IlY4MDEzR2Y0d2FxSzBNTTJLelhqYVwvUTZjcklYYU9lc3laS0Z3aG9vOWRXN3pkWFgxcnNzU09GK3BLXC9CaE9FQiIsIm1hYyI6IjAyYjZkYTI0YzViZGZlMzM4NThlNTRiMDk1OWEwYTM5N2VjOTkyODIyMjYxMmUyYTkwMThjNTI2YzlkODZlNTAifQ%3D%3D; expires=Sat, 11-Sep-2021 20:05:53 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6IjdncUhWNXhtOXhzTkY0VG9XTCtJVnc9PSIsInZhbHVlIjoiUDRXMkVGYUZrSWxFM0s4STZQTFFIaFpvamF5VDYyNjBCSGxcL0Rha3YwSlYyMVhwMU9iTjk2VnZmeHBzcVwvYUV1IiwibWFjIjoiZmY2MjEwNDU1NmU3M2I3MDg4NzcyNzJlZjU5NmYyMjc0ZjEwZGRhNjJhNzI3YTBlZGUyMDdlYmZiNTdmNDdlNiJ9; expires=Sat, 11-Sep-2021 20:05:53 GMT; Max-Age=7200; path=/; httponly
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1585

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 69ms
43ms Script
application/javascript 74.125.133.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

eac892b9f0e1485a263dafcd2ec8ed443ebe2377dddd818caa8528ad4d259a10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41191
x-xss-protection: 0
expires: Sat, 11 Sep 2021 18:05:52 GMT

GET
H3 200 paste.co.id.997452.es6.js Show response
jsc.mgid.com/p/a/ 232 KB
65 KB 80ms
55ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86d346d04ac4304fa681a2a2ab854cf156cbae19ff35a188cc600cc5d0d03164

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: VDCYMPX6QNSQHBRE
last-modified: Wed, 08 Sep 2021 08:19:02 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: VvWyKt7bSDDgvBTYVK3LFfQybkicYGdosGntY3YnBkRx29kfpr85PT69Vf15GQZWrvzXBovf8c4=
cf-bgj: minify
server: cloudflare
etag: W/"6d86f368fa811fddbfeb7b9ec37f0497"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 68d2d3a4db6e412c-PRG
expires: Sat, 11 Sep 2021 21:05:52 GMT

GET
H2 200 / Show response
bedrapiona.com/5/3724584/ 3 KB
2 KB 100ms
36ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3724584/?oo=1&js_build=2
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dd1768310eff00cb3991ade0438089211dd37ba53cdf36b02714379e23ee7709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 2b3e8b0b3ce67db029fb04787c169820
pragma: no-cache, no-cache
date: Sat, 11 Sep 2021 18:05:50 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://paste.co.id
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 13ms
13ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Sep 2021 18:05:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 15ms
14ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 03b140866ef3608286922d78d49bf526
date: Sat, 11 Sep 2021 18:05:52 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 70ms
15ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=f718cd75d4284a169b259fbaafe92d0f&zoneId=3534037&checkDuplicate=true&ymid=&var=

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

99a9a57687ac274dd9bd60a0e66c1a653252d7826f4d12dc9e1b19ab006fcec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:50 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 55ms
15ms Script
text/javascript 74.125.206.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4040
date: Sat, 11 Sep 2021 16:58:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19747
expires: Sat, 11 Sep 2021 18:58:32 GMT

GET
H2 200 3724582 Show response
dozubatan.com/400/ 84 KB
30 KB 106ms
26ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/400/3724582

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

577788094c26973f186b0f1e87c8c30e9efba4f79c6b848e681fe61ead06f9e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 373073b90718ce31fffab593c2f40cb3
pragma: no-cache
date: Sat, 11 Sep 2021 18:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 tag.min.js Show response
pseepsie.com/pfe/current/ 15 KB
6 KB 118ms
13ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: fc6b00b39c6831d32690a5f33fe637ecfee459123b835d461428e16ea7157842

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:50 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 09:05:59 GMT
server: nginx
etag: W/"612f4277-3bfd"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 1 Show response
toglooman.com/ 7 KB
4 KB 102ms
15ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=3724583
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: cf94b70c9262e1316e2e9fab0c177aa4f934dd88eec424766c25ef204a063aff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: gzip
x-sc: mFod3xPGGhmL7iLQJiIV4lPIWmFDEBYZh2t7PqWdypsz3o1gPbw8gZ3hWWI2vPaiw2dZWzow7x8uBGt6YNUlxfl0USE=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 2554 203 B
833 B 82ms
14ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=5f37bc7e692e4808b6aa434f8cbc9c29&oaidts=1631383552

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ce51ecc2a64d161865461a62c8bc439b34cee475f23d4d11f082e167c93c6ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=5f37bc7e692e4808b6aa434f8cbc9c29&oaidts=1631383552
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/

Response headers

server: nginx
date: Sat, 11 Sep 2021 18:05:52 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: f97786e8361d6be9a750daca0b8f446c
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=5f37bc7e692e4808b6aa434f8cbc9c29; expires=Sun, 11 Sep 2022 18:05:52 GMT; path=/; secure; SameSite=None oaidts=1631383552; expires=Sun, 11 Sep 2022 18:05:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H2 200 defaultSkin.min.js Show response
seeptoag.net/pfe/current/ 56 KB
19 KB 16ms
15ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 09:06:02 GMT
server: nginx
etag: W/"612f427a-df63"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ Frame C6A4 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 31ms
31ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 071e29669389e1d3fc785e50727bb36f
date: Sat, 11 Sep 2021 18:05:52 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 14ms
13ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Sep 2021 18:05:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 33ms
17ms XHR
text/plain 74.125.206.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1869705893&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&ul=en-us&de=UTF-8&dt=56897fsdh%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1417832897&gjid=18298230&cid=1862058005.1631383553&tid=UA-137362802-1&_gid=1398806871.1631383553&_r=1&gtm=2ou910&z=552547187

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.206.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
16ms XHR
text/plain 74.125.206.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1869705893&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&ul=en-us&de=UTF-8&dt=56897fsdh%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1831494892&gjid=1885257954&cid=1862058005.1631383553&tid=UA-174907544-1&_gid=1398806871.1631383553&_r=1&gtm=2ou910&z=1002444850

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.206.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 251 KB
93 KB 242ms
147ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

cadedca735c6ec45885014e69884b741d9ef44349cd95c9271ae066216d49f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95406
x-xss-protection: 0
server: cafe
etag: 12270461373536854434
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Sep 2021 18:05:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 7961 10 KB
5 KB 57ms
15ms Document
text/html 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210908/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 10 Sep 2021 19:21:15 GMT
expires: Fri, 24 Sep 2021 19:21:15 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 81878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
458 B 54ms
15ms XHR
text/plain 66.102.1.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-137362802-1&cid=1862058005.1631383553&jid=1417832897&gjid=18298230&_gid=1398806871.1631383553&_u=YEBAAUAAAAAAAC~&z=2012665156

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 11 Sep 2021 18:05:53 GMT
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 2554 43 B
490 B 15ms
15ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=5f37bc7e692e4808b6aa434f8cbc9c29

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=5f37bc7e692e4808b6aa434f8cbc9c29&oaidts=1631383552

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:50 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 13293501ebf05e760330afacc365ea4f Show response
toglooman.com/27/ 362 KB
119 KB 30ms
30ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/13293501ebf05e760330afacc365ea4f

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=3724583

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2ade0514f4ae341d4604f27388983fbf26365f0f8d4eedec941e1250e99e7cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 08:39:03 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Thu, 18 Sep 2081 08:39:03 GMT

GET
H2 200 38 Show response
toglooman.com/42/ 0
495 B 58ms
57ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=3724583
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=3724583
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
540 B 16ms
16ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

99a9a57687ac274dd9bd60a0e66c1a653252d7826f4d12dc9e1b19ab006fcec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:50 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
pseepsie.com/ 667 B
951 B 17ms
17ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/zone?pub=0&zone_id=4022315&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4ff785592da634e9b55ffdc2188b46323ca88811ee53af3ef4a14bc8cf5552d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 64a0e99fc05bb3584f051198d6851eb3
date: Sat, 11 Sep 2021 18:05:50 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 667

GET
H2 200 universal.min.js Show response
pseepsie.com/pfe/current/ 101 KB
37 KB 101ms
66ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/universal.min.js?v=3.1.323
Requested by: Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ea5b2f0ae6e51e58a4849658ff814852af1f2134408d0be55062dbcc1b5868fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 09:06:02 GMT
server: nginx
etag: W/"612f427a-192d7"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 94ms
39ms Image
image/gif 173.194.76.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-137362802-1&cid=1862058005.1631383553&jid=1417832897&_u=YEBAAUAAAAAAAC~&z=1827006003

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3509488 Show response
inpagepush.com/500/ 4 KB
2 KB 134ms
133ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=&oaid=f718cd75d4284a169b259fbaafe92d0f&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9b0444fa7b061b4fdb8d93eae1c54ea001d2f106e6ab87794269506ff36acab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 8499569cd8ffcafb1492f76d9bd86bd1
pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 45ms
14ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Sep 2021 18:05:45 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
34 KB 98ms
26ms Script
application/javascript 172.67.75.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/13293501ebf05e760330afacc365ea4f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 4292
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DV3x1RvjhiMBNfvS0V6Npzi7wYaHpcQRpJbLxKvFbomSVzQ8OyNIpXraRjDFZaoP1Luwph2BGELSZmEnlkB3c%2BF%2BMsUq4XwiISVR%2BXqrmT%2B8Z8tcWNu2WBQBu2zOD5vF9RKfJLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68d2d3a7bab32790-PRG

POST
H2 200 9 Show response
toglooman.com/ 6 KB
3 KB 33ms
33ms XHR
application/json 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/13293501ebf05e760330afacc365ea4f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dd65eef6504beb2389df69c2e9241e32e1511ffb6b5694c87cd59dec308fdc39

Request headers

Referer: https://paste.co.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 42ms
13ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0
Protocol: H2
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Sep 2021 18:05:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://paste.co.id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 23ms
23ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=ae161155b55147e0a6cce8e3fd5f6c88

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:51 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 11 Show response
toglooman.com/ 0
519 B 18ms
17ms XHR
image/jpeg 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/11?rnd=2251751927&z=3724583&b=5362695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=MfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ==&ruid=a24b7c16-a588-4ec0-85fb-31ae7781073c&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0&ot=78
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/13293501ebf05e760330afacc365ea4f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK Cookie set / Show response
interst12.com/ Frame 3DB7 20 KB
6 KB 166ms
92ms Document
text/html 139.45.197.162
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/13293501ebf05e760330afacc365ea4f
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.162 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.18
Resource Hash: 6795954681603084f270829ef3109cb506934b8d2d6d3346b016db2ae9fd4d31

Request headers

Host: interst12.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/

Response headers

Server: nginx
Date: Sat, 11 Sep 2021 18:05:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.18
Set-Cookie: reverse=BGTKfRpgMzZRLGpzQ3VV9M-_701ozx-TrF8ACox-lGk; expires=Sat, 11-Sep-2021 19:05:53 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

GET
H2 200 / Show response
c.mgid.com/pv/ 0
280 B 164ms
154ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1631383553252383879271&uniqId=17041&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&lu=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&sessionId=613cf001-12132&pageView=1&pvid=17bd60984e4b9b02a83&site=414527&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68d2d3a7f85a277c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 149ms
52ms Image
image/png 173.194.76.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f147.1e100.net

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Sat, 11 Sep 2021 18:05:53 GMT

GET
H3 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 143ms
46ms Image
image/png 173.194.76.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f147.1e100.net

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Sat, 11 Sep 2021 18:05:53 GMT

GET
H3 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 129ms
33ms Image
image/png 173.194.76.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f147.1e100.net

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Sat, 11 Sep 2021 18:05:53 GMT

GET
H3 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 157ms
61ms Image
image/png 173.194.76.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f147.1e100.net

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Sat, 11 Sep 2021 18:05:53 GMT

GET
H3 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 138ms
42ms Image
image/png 173.194.76.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f147.1e100.net

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Sep 2021 18:05:53 GMT

GET
H/1.1 200
OK 0738745987824.png
static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/ 577 B
1 KB 127ms
13ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/0738745987824.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 18:05:53 GMT
Last-Modified: Thu, 21 Feb 2019 14:00:06 GMT
Server: nginx
ETag: "5c6eaee6-241"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 577

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 85ms
34ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 4858
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 26D5PESFJ3W3C6DA
x-amz-id-2: eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 68d2d3a8b9e3277c-PRG
expires: Sun, 12 Sep 2021 18:05:53 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
904 B 84ms
34ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 4858
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 68d2d3a8b9e2277c-PRG
expires: Sun, 12 Sep 2021 18:05:53 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
626 B 60ms
17ms Script
text/javascript 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=paste.co.id&callback=_gfp_s_&client=ca-pub-4712388827405335

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f155.1e100.net

Software

cafe /

Resource Hash

3ab4b1287b3970b02e108541609b9bfb1615c0909435f918639713d3d164b491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 305ms
113ms Script
application/javascript 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E656 12 KB
5 KB 155ms
136ms Document
text/html 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1631383553&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383552972&bpp=3&bdt=686&idt=442&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7468184500076&frm=20&pv=2&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=455

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

56d83ff1f4fdfeec0bc83a774646b35429cefa444ae4ed667a57898931fe3239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1631383553&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383552972&bpp=3&bdt=686&idt=442&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7468184500076&frm=20&pv=2&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=455
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 11 Sep 2021 18:05:53 GMT
server: cafe
content-length: 4824
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 11-Sep-2021 18:20:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 11 Sep 2021 18:05:53 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 150ms
144ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

sffe /

Resource Hash

74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1631273431406706"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
expires: Sat, 11 Sep 2021 18:05:53 GMT

GET
H2 200 fv.js Show response
propeller-tracking.com/ Frame 3DB7 5 KB
3 KB 70ms
12ms Script
text/javascript 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/fv.js?t=72747&cb=709308924

Requested by

Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-trace-id: d38c5c73c1554227d2fcc4fcb9cb6fa8
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame 3DB7 12 KB
3 KB 92ms
20ms Stylesheet
text/css 104.22.25.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.25.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 6586
last-modified: Thu, 12 Aug 2021 11:38:21 GMT
server: cloudflare
etag: W/"6115082d-30c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
cf-ray: 68d2d3a98a434114-PRG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 3DB7 3 KB
3 KB 23ms
21ms Image
image/png 104.22.25.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.25.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
age: 6586
content-length: 3429
last-modified: Thu, 12 Aug 2021 11:38:21 GMT
server: cloudflare
etag: "6115082d-d65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 68d2d3a99a544114-PRG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H/1.1 200
OK 0100657458245.jpeg
interst12.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame 3DB7 52 KB
53 KB 29ms
28ms Image
image/jpeg 139.45.197.162
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interst12.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.162 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 18:05:53 GMT
Last-Modified: Thu, 31 Jan 2019 11:14:34 GMT
Server: nginx
ETag: "5c52d89a-d0e0"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 53472

GET
H/1.1 200
OK 0933414948049.jpeg
interst12.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame 3DB7 14 KB
15 KB 54ms
26ms Image
image/jpeg 139.45.197.162
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interst12.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.162 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 18:05:53 GMT
Last-Modified: Mon, 26 Mar 2018 13:01:51 GMT
Server: nginx
ETag: "5ab8ef3f-393b"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 14651

GET
H/1.1 200
OK 0350025199145.jpeg
interst12.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame 3DB7 35 KB
35 KB 55ms
27ms Image
image/jpeg 139.45.197.162
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interst12.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.162 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 18:05:53 GMT
Last-Modified: Tue, 17 Jul 2018 10:46:08 GMT
Server: nginx
ETag: "5b4dc8f0-8b17"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 35607

GET
H/1.1 200
OK 01289039865190.jpeg
interst12.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame 3DB7 49 KB
50 KB 57ms
28ms Image
image/jpeg 139.45.197.162
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interst12.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.162 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 18:05:53 GMT
Last-Modified: Thu, 31 Jan 2019 11:14:34 GMT
Server: nginx
ETag: "5c52d89a-c502"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 50434

GET
H2 200 player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 3DB7 28 KB
28 KB 23ms
22ms Image
image/png 104.22.25.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.25.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
age: 1409
content-length: 28527
last-modified: Thu, 12 Aug 2021 11:38:21 GMT
server: cloudflare
etag: "6115082d-6f6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 68d2d3a99a564114-PRG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 script.js Show response
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame 3DB7 1 KB
562 B 21ms
21ms Script
application/javascript 104.22.25.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by: Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D4195571952%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DMfmJmNn6ushC7g1_-Yqnao5Or_Rq8YTJrbHnt5RwNyGW3SSMr6nFRbenSumQnjmBEao11dSeKTMXsyiSwu3OZ4jDc5Lt7Bp7IGvuB8KSs-7fXuT6_yESIjj4aV37yx_aC7-B6FMw6Px3eB24e_CNwyUdED1VtgheGk_q5q2wPNkaM0ubpo51IM1zG99_GrGlGgfzDj70aCkFLOpWaP_a3PiSI0uUoz_CWjF-WyDMjfKso4oQMlSL3vUp7SQAcoeGexRHbPTyFEOM9iZcwolRAmC3vg2-fJEMdP4nOQ%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Da24b7c16-a588-4ec0-85fb-31ae7781073c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FU4QpQI3Ncp%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.25.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 1707
last-modified: Thu, 12 Aug 2021 11:38:21 GMT
server: cloudflare
etag: W/"6115082d-58b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
cf-ray: 68d2d3a98a464114-PRG
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 204 vctx Show response
propeller-tracking.com/ Frame 3DB7 0
490 B 13ms
13ms XHR
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vctx?t=72747

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=72747&cb=709308924

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://interst12.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 9b419520ee3bb33aa547cb0999d186ad
pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://interst12.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 204 vbl
propeller-tracking.com/ Frame 3DB7 0
490 B 15ms
15ms Ping
text/plain 139.45.197.240
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://propeller-tracking.com/vbl?t=72747&bid=undefined&aid=undefined

Requested by

Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=72747&cb=709308924

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://interst12.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-trace-id: 97c227b3e8bf265f717f1e9f5fde8ff6
pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://interst12.com
access-control-expose-headers: Authorization
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA4E 436 B
236 B 145ms
145ms Document
text/html 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1631383553&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383553609&bpp=2&bdt=1323&idt=-M&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93b7de212e29d29a-229f5126edca00f0%3AT%3D1631383553%3ART%3D1631383553%3AS%3DALNI_MZ8BM7MFi7B-D9euN1yK-DlBcdKDw&prev_fmts=0x0&nras=2&correlator=7468184500076&frm=20&pv=1&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=92eHuExA18&p=https%3A//paste.co.id&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

192690a4913fa720a6702b087f9537c782a5818079e0fa2d93f1a715d87bfd77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1631383553&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383553609&bpp=2&bdt=1323&idt=-M&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93b7de212e29d29a-229f5126edca00f0%3AT%3D1631383553%3ART%3D1631383553%3AS%3DALNI_MZ8BM7MFi7B-D9euN1yK-DlBcdKDw&prev_fmts=0x0&nras=2&correlator=7468184500076&frm=20&pv=1&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=1655&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=92eHuExA18&p=https%3A//paste.co.id&dtd=10
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 11 Sep 2021 18:05:53 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: IDE=AHWqTUmf3ajXdU2-h3eTj_Y-FkX_LKm-Ir8YuCpgt4KLFDeKTToN9pH-5lLfBNkqw9A; expires=Mon, 11-Sep-2023 18:05:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 11 Sep 2021 18:05:53 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB68 436 B
236 B 137ms
137ms Document
text/html 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1631383553&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383553609&bpp=1&bdt=1324&idt=-M&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93b7de212e29d29a-229f5126edca00f0%3AT%3D1631383553%3ART%3D1631383553%3AS%3DALNI_MZ8BM7MFi7B-D9euN1yK-DlBcdKDw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7468184500076&frm=20&pv=1&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=1979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=UbdHWrQSVH&p=https%3A//paste.co.id&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

6e57ebec627babcca3ab3dd255df76515350667df68cdfbb459dfd07d2392c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1631383553&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383553609&bpp=1&bdt=1324&idt=-M&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93b7de212e29d29a-229f5126edca00f0%3AT%3D1631383553%3ART%3D1631383553%3AS%3DALNI_MZ8BM7MFi7B-D9euN1yK-DlBcdKDw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7468184500076&frm=20&pv=1&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=1979&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=UbdHWrQSVH&p=https%3A//paste.co.id&dtd=15
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 11 Sep 2021 18:05:53 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: IDE=AHWqTUngWcwEt5ypAQ-m0m8CfSFibyu-DVhSemyXYzvzYQBHFAHFQZzLoThNV14Merk; expires=Mon, 11-Sep-2023 18:05:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 11 Sep 2021 18:05:53 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E317 436 B
236 B 136ms
135ms Document
text/html 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631383553&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383553609&bpp=1&bdt=1324&idt=0&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93b7de212e29d29a-229f5126edca00f0%3AT%3D1631383553%3ART%3D1631383553%3AS%3DALNI_MZ8BM7MFi7B-D9euN1yK-DlBcdKDw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7468184500076&frm=20&pv=1&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Fza4FZivgT&p=https%3A//paste.co.id&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

08dd76c58e5fe67aa1cfd444c3f15feaac6cf76f8e5fe22150144723a1695d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631383553&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631383553609&bpp=1&bdt=1324&idt=0&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D93b7de212e29d29a-229f5126edca00f0%3AT%3D1631383553%3ART%3D1631383553%3AS%3DALNI_MZ8BM7MFi7B-D9euN1yK-DlBcdKDw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7468184500076&frm=20&pv=1&ga_vid=1862058005.1631383553&ga_sid=1631383553&ga_hid=1869705893&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=200&ady=2455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062297&oid=3&pvsid=3936335703320062&pem=197&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=Fza4FZivgT&p=https%3A//paste.co.id&dtd=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 11 Sep 2021 18:05:53 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: IDE=AHWqTUm_6sD5LuTepgYKw2k-WyWs6hRKt3q_Ef0EH-5oQuxnREKTFBh9baPtl4GBfEg; expires=Mon, 11-Sep-2023 18:05:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 11 Sep 2021 18:05:53 GMT
cache-control: private

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 94ms
77ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?pv=5&cbuster=1631383553665546785311&uniqId=17041&niet=4g&nisd=false&jsv=es6&w=840&h=235&p3_w=201&p3_h=189&maxw_3=201&maxh_3=189&cols=4&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&lu=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&sessionId=613cf001-12132&pageView=1&pvid=17bd60984e4b9b02a83&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424f9a4be9edd22bc39eb49be4ea2767d82a86b445b9be09a380fc21e62f9e3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68d2d3aa9e2b277c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 93ms
76ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=235&p3_w=201&p3_h=189&maxw_3=201&maxh_3=189&cols=4&pv=5&cbuster=1631383553666543185981&uniqId=003a3&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&lu=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&sessionId=613cf001-12132&pageView=0&pvid=17bd60984e4b9b02a83&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d72f1af96a417d4e0b10589929b9e6acf517acadfa1ddcbbfb86d64984ab7164

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68d2d3aa9e27277c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 97ms
81ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=255&h=398&p3_w=90&p3_h=166&maxw_3=90&maxh_3=166&cols=2&pv=5&cbuster=1631383553666983374450&uniqId=174e7&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&lu=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&sessionId=613cf001-12132&pageView=0&pvid=17bd60984e4b9b02a83&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd98c7bf1708ac1bd739ac6ae942f4084174d3beb977565a458ce0ca959aab51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68d2d3aa9e28277c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 14ms
13ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Sep 2021 18:05:53 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 15ms
14ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/U4QpQI3Ncp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 41b934fa8fe6c1aca9a74b0554d098ed
date: Sat, 11 Sep 2021 18:05:53 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 213ms
120ms XHR
application/json 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

77d5f63d41bbe1414b6e4ce17f60eed561c33e20c9b123c432b8cbad1dd79bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8568
x-xss-protection: 0

GET
H3 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 28ms
27ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 4858
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 26D5PESFJ3W3C6DA
x-amz-id-2: eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 68d2d3ab697f412c-PRG
expires: Sun, 12 Sep 2021 18:05:53 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 27ms
25ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 4858
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 68d2d3ab6985412c-PRG
expires: Sun, 12 Sep 2021 18:05:53 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp
s-img.mgid.com/g/8164907/492x328/0x119x501x334/ 27 KB
27 KB 76ms
36ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164907/492x328/0x119x501x334/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp?v=1631383553-XwZTV3zETPuAv3Gz-YTAIBJ8EwGxskS2KR9x3Ul1qZk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4c72f97941f1878114b8fa4525f9b3017044ccddbf6608c02fd4e974c764507

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:45:49 GMT
x-mg-request-uuid: cd0e297f-1b9c-4989-9edd-c640af817e7c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3abadf14125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27362
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTkvMTAxOTI0LzZkMTFhZWMwMjgyODAxZTRmNjkzYTUwYTY1MTcxZWY1LmpwZWc_dD0xNTMyMDA3NzA3OTU2.webp
s-img.mgid.com/g/8164841/492x328/14x0x549x366/ 15 KB
15 KB 436ms
396ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164841/492x328/14x0x549x366/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTkvMTAxOTI0LzZkMTFhZWMwMjgyODAxZTRmNjkzYTUwYTY1MTcxZWY1LmpwZWc_dD0xNTMyMDA3NzA3OTU2.webp?v=1631383553-3AnJ-Kil791Eovn8nid7y23lbO088j-e709gx9G2nlY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 584da7c6986031c42f3472e86765df15923f7a73dee6c220e8b0e4fd7abd81cb

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:54 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:37:44 GMT
x-mg-request-uuid: eb054623-3ea2-4efc-8dc9-78599fefc15b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3abadee4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15192
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.mgid.com/g/8193526/492x328/0x26x798x532/ 19 KB
19 KB 72ms
32ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193526/492x328/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1631383553-2GHfjdF4J5Ks1znxRxseL9XwoBsTPOyfEXfo4_KEhVY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 328df6c6e2f817f5200362d19822d6b995fc8baf01ba8b49f267e5cb65f1c5cf

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:25:12 GMT
x-mg-request-uuid: e40fa161-bd96-42db-960e-d08aebb5abd1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3abadf24125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19280
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x328/0x0x1081x720/ 12 KB
13 KB 99ms
59ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164912/492x328/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1631383553-7pZ-Nod7BC7G1eK1kosrSGkNcBSM07Rigm2JoeMN8TE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d290daa6e15ba87ab2163d78a8d1f73ab6e9dd6d9c3e6c165eec487b0beaae05

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:25:56 GMT
x-mg-request-uuid: fdf941cb-c567-43ab-bbca-588453b99574
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3abbe1a4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12780
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/492x328/0x89x1080x720/ 8 KB
8 KB 81ms
48ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164857/492x328/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1631383553-j0u5TI0DTejcq6Zz1nJeb6mwLdEqTw5dNv5kGYsQDys
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfa81932a2ad47de588692d49c7f3999458e34703c82fcd66d78e1f51a582445

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:55:24 GMT
x-mg-request-uuid: 80e21819-f41d-4cd6-a3a8-cfa1f0256472
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3abadeb4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8092
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTAtMTEvMTAxOTI0LzJiNTlhYjQ1M2I3YTIxYjI3YTQwZGZlYWZhNTUxYWQ4LmpwZWc_dD0xNTA3NzM0ODcwMjM4.webp
s-img.mgid.com/g/8193510/492x328/0x0x753x502/ 10 KB
11 KB 67ms
34ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193510/492x328/0x0x753x502/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTAtMTEvMTAxOTI0LzJiNTlhYjQ1M2I3YTIxYjI3YTQwZGZlYWZhNTUxYWQ4LmpwZWc_dD0xNTA3NzM0ODcwMjM4.webp?v=1631383553-GSN_srYkxNyYkKYseKKE8kAjC5tbEs9zsy8fBKEiAxs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e069b07616e65a002bdc8ccd372f9e6c57f25ac60564d9fad62bcf01c0333e59

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:07:31 GMT
x-mg-request-uuid: abaeab68-040a-44fb-97ab-b6c71bcf3aa5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3abadf04125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10728
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMTAxOTI0LzExZWEyMDkxYmFhZWUzYjA1NTIxZmI4NmUxMTQ0YTAxLmpwZWc.webp
s-img.mgid.com/g/8164920/492x328/0x0x603x402/ 10 KB
10 KB 192ms
162ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164920/492x328/0x0x603x402/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDYvMTAxOTI0LzExZWEyMDkxYmFhZWUzYjA1NTIxZmI4NmUxMTQ0YTAxLmpwZWc.webp?v=1631383553-AhN8vYPTNjrHrOvY47EZqA1OB8Pg2L6g4zH8WUOpMeA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6af808ed9e7bff50752fa079ce83791261e95d70f058589b92c0427355680380

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:54 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:45:58 GMT
x-mg-request-uuid: 38c2d437-e12b-49a2-b010-0983ed872fe2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3abade64125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10134
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp
s-img.mgid.com/g/8193499/492x328/125x507x492x328/ 35 KB
36 KB 71ms
49ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193499/492x328/125x507x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp?v=1631383553-jLb8i-LHErUhir0Ut_RRbu312KCnhOH4L3D42nwc9g8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9202a1fff0948d7069ec549f85b790647c337eccfcc55657fcbc262b5462a9c

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:35:45 GMT
x-mg-request-uuid: 3c7f9f07-e3c4-4baa-a07e-4674b8e5f3b0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3abadea4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36228
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.mgid.com/g/8193504/492x328/88x0x631x420/ 15 KB
15 KB 83ms
61ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193504/492x328/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1631383553-S2cKx4A5oyWVZA7we4UksE1NmwjMVeZrP2PzeiAImrk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4aa768a275ab1427a036acb14f473bc076b7ed611b4c593528d2eede9e9aaf

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:52:22 GMT
x-mg-request-uuid: 550d23f3-1db3-4fe4-8abb-788de42a5aaf
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3abaded4125-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14996
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp
s-img.mgid.com/g/8164890/492x328/0x0x900x600/ 10 KB
10 KB 97ms
76ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164890/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzllOTNiZTE1MDgyNTBmNGU2M2M1ZDM5OWFhOGU0ZTA4LmpwZWc.webp?v=1631383553-x3CYVvrJMNqvCETP-aemFoXCObq_ACqnl-NVQEms7Zs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb3b9de71c245edbae191d4a29ed5ddea11a3a6bc9c58941077aaef99f0c74b

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:54:55 GMT
x-mg-request-uuid: 124d77c6-7c36-4175-9351-d93f21de3699
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3abfbe9f9de-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10004
server: cloudflare

GET
H/1.1 200
OK perf.gif
perf.cdnads.com/ 43 B
323 B 78ms
14ms Image
image/gif 178.162.156.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://perf.cdnads.com/perf.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.156.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 18:05:53 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sun, 12 Sep 2021 18:05:53 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
824 B 94ms
74ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1631383553864542772129
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8996d952903faef98bfb3391b83d5658d004c613d161be0bdeeb8ecef23ec5a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: add39eb8-fc10-4600-82f8-ba9b4284f17c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68d2d3abd8bd277c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame F38B 19 B
228 B 74ms
69ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1631383553880485114676
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: a3d8df7c-f9c0-45b9-9a88-62dcf8c9f019
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68d2d3abd8c0277c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 83ms
18ms Script
application/javascript 99.84.82.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-74.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 13:35:45 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 102143
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4ba99d04800d29b58ab9861f60991a2b.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
x-amz-cf-id: faqB1CLlA5XwzKet5qF3Dgrrb93EqDFMQJ4z3ODsZGoeUSyTtoJ0Xg==

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp
s-img.mgid.com/g/8164907/492x328/0x119x501x334/ 27 KB
27 KB 67ms
66ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164907/492x328/0x119x501x334/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2RhYzIzNWU5MTYyNmE1Njg5YTQ2Y2EyYmQ2YzY0NDhlLmpwZw.webp?v=1631383553-XwZTV3zETPuAv3Gz-YTAIBJ8EwGxskS2KR9x3Ul1qZk
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4c72f97941f1878114b8fa4525f9b3017044ccddbf6608c02fd4e974c764507

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:45:49 GMT
x-mg-request-uuid: cd0e297f-1b9c-4989-9edd-c640af817e7c
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3ac0bfef9de-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27362
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.mgid.com/g/8193526/492x328/0x26x798x532/ 19 KB
19 KB 25ms
25ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193526/492x328/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1631383553-2GHfjdF4J5Ks1znxRxseL9XwoBsTPOyfEXfo4_KEhVY
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 328df6c6e2f817f5200362d19822d6b995fc8baf01ba8b49f267e5cb65f1c5cf

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:25:12 GMT
x-mg-request-uuid: e40fa161-bd96-42db-960e-d08aebb5abd1
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3ac0bfff9de-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19280
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x328/0x0x1081x720/ 12 KB
13 KB 81ms
81ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164912/492x328/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1631383553-7pZ-Nod7BC7G1eK1kosrSGkNcBSM07Rigm2JoeMN8TE
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d290daa6e15ba87ab2163d78a8d1f73ab6e9dd6d9c3e6c165eec487b0beaae05

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:25:56 GMT
x-mg-request-uuid: fdf941cb-c567-43ab-bbca-588453b99574
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3ac0c02f9de-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12780
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/492x328/0x89x1080x720/ 8 KB
8 KB 46ms
46ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164857/492x328/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1631383553-j0u5TI0DTejcq6Zz1nJeb6mwLdEqTw5dNv5kGYsQDys
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfa81932a2ad47de588692d49c7f3999458e34703c82fcd66d78e1f51a582445

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:55:24 GMT
x-mg-request-uuid: 80e21819-f41d-4cd6-a3a8-cfa1f0256472
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3ac0c04f9de-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8092
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTAtMTEvMTAxOTI0LzJiNTlhYjQ1M2I3YTIxYjI3YTQwZGZlYWZhNTUxYWQ4LmpwZWc_dD0xNTA3NzM0ODcwMjM4.webp
s-img.mgid.com/g/8193510/492x328/0x0x753x502/ 10 KB
11 KB 47ms
46ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193510/492x328/0x0x753x502/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTAtMTEvMTAxOTI0LzJiNTlhYjQ1M2I3YTIxYjI3YTQwZGZlYWZhNTUxYWQ4LmpwZWc_dD0xNTA3NzM0ODcwMjM4.webp?v=1631383553-GSN_srYkxNyYkKYseKKE8kAjC5tbEs9zsy8fBKEiAxs
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e069b07616e65a002bdc8ccd372f9e6c57f25ac60564d9fad62bcf01c0333e59

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:07:31 GMT
x-mg-request-uuid: abaeab68-040a-44fb-97ab-b6c71bcf3aa5
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3ac0c06f9de-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10728
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp
s-img.mgid.com/g/8193499/492x328/125x507x492x328/ 35 KB
36 KB 78ms
78ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193499/492x328/125x507x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzgyM2MzYzM5MzQxY2M3N2UyYWNlYTNlYzFhMGIxMmMzLmpwZWc.webp?v=1631383553-jLb8i-LHErUhir0Ut_RRbu312KCnhOH4L3D42nwc9g8
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9202a1fff0948d7069ec549f85b790647c337eccfcc55657fcbc262b5462a9c

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:35:45 GMT
x-mg-request-uuid: 3c7f9f07-e3c4-4baa-a07e-4674b8e5f3b0
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3ac1c0df9de-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 36228
server: cloudflare

GET
H3 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.mgid.com/g/8193504/492x328/88x0x631x420/ 15 KB
15 KB 81ms
81ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193504/492x328/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1631383553-S2cKx4A5oyWVZA7we4UksE1NmwjMVeZrP2PzeiAImrk
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4aa768a275ab1427a036acb14f473bc076b7ed611b4c593528d2eede9e9aaf

Request headers

Referer: https://paste.co.id/
Origin: https://paste.co.id
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:53 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:52:22 GMT
x-mg-request-uuid: 550d23f3-1db3-4fe4-8abb-788de42a5aaf
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 68d2d3ac1c0ef9de-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14996
server: cloudflare

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3693
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

34ms
9ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1631383553864542772129
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Sep 2021 18:05:54 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sat, 11 Sep 2021 18:05:54 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 541E 1 KB
879 B 314ms
87ms Document
text/html 209.205.219.146
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1631383553864542772129
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 209.205.219.146 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS: static-146-219-205-209.24shells.net
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/

Response headers

Server: VertaMedia 1.0
Date: Sat, 11 Sep 2021 18:05:54 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET 34b9aae5baa016b251b9fc488f4a97cd.gif
sync.e-volution.ai/ 0
0

GET
H2

200

RX-17d63829-104a-49ba-9390-ef57b57a294e-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l8bR8wC3yz5b
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l8bR8wC3yz5b
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/00291a84-3de3-4dbc-8c08-d51dcfe7e618?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/00291a84-3de3-4dbc-8c08-d51dcfe7e618?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/00291a84-3de3-4dbc-8c08-d51dcfe7e618?zcc=1&dspret=0&cb=1631383554315
https://sync.targeting.unrulymedia.com/csync/RX-17d63829-104a-49ba-9390-ef57b57a294e-003

43 B
395 B

18ms
12ms

Image
image/gif

213.19.147.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-17d63829-104a-49ba-9390-ef57b57a294e-003
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:54 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-17d63829-104a-49ba-9390-ef57b57a294e-003
pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
413 B 456ms
74ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l8bR8wC3yz5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 68d2d3aeb8b8f9de-PRG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=26d2ceff-e412-4165-ab6a-30445d4b82a3&ttl=1633975554

43 B
587 B

76ms
75ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=26d2ceff-e412-4165-ab6a-30445d4b82a3&ttl=1633975554
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 61dc9a85-7c60-4594-90d4-004cab304e23
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68d2d3ad3d6e412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=26d2ceff-e412-4165-ab6a-30445d4b82a3&ttl=1633975554
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
https://x.bidswitch.net/sync?dsp_id=429&user_id=ecdcb628-25c0-53fe-96df-c72af7e33728&ssp=mgid&expires=30&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=00291a84-3de3-4dbc-8c08-d51dcfe7e618&gdpr=&gdpr_consent=&us_privacy=

43 B
603 B

100ms
100ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=00291a84-3de3-4dbc-8c08-d51dcfe7e618&gdpr=&gdpr_consent=&us_privacy=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4b9fbb13-1d6f-4a15-93f8-3409ca160775
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68d2d3af49b5412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=00291a84-3de3-4dbc-8c08-d51dcfe7e618&gdpr=&gdpr_consent=&us_privacy=
date: Sat, 11 Sep 2021 18:05:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=hcV59Y9dpuCMdRyze03r&pi=mgid&tc=1

43 B
587 B

78ms
78ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=hcV59Y9dpuCMdRyze03r&pi=mgid&tc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: edadee0c-c676-4189-97b8-3e8119a85bc7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68d2d3ad3d55412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=hcV59Y9dpuCMdRyze03r&pi=mgid&tc=1
pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT, Sat, 11 Sep 2021 18:05:54 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=fce8ca69-2116-4216-a9a0-4f90f5db267a

43 B
635 B

90ms
90ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=fce8ca69-2116-4216-a9a0-4f90f5db267a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: d025f7b0-cddf-4647-ae00-771937723059
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68d2d3b20fb4412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=fce8ca69-2116-4216-a9a0-4f90f5db267a
date: Sat, 11 Sep 2021 18:05:54 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
495 B 144ms
77ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l8bR8wC3yz5b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 68d2d3acb9a34113-PRG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDhiUjh3QzN5ejVi&muidn=l8bR8wC3yz5b
https://cm.mgid.com/google?muidn=l8bR8wC3yz5b&google_ula={guid},5&google_gid=CAESENjN-8vO2Nve0XFMZyZBxSA&google_cver=1

0
376 B

77ms
76ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l8bR8wC3yz5b&google_ula={guid},5&google_gid=CAESENjN-8vO2Nve0XFMZyZBxSA&google_cver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68d2d3ae3f76412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l8bR8wC3yz5b&google_ula={guid},5&google_gid=CAESENjN-8vO2Nve0XFMZyZBxSA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1631383553994&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631383553994&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9=

64 B
331 B

30ms
30ms

Image
image/gif

99.84.82.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631383553994&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-74.muc50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:54 GMT
via: 1.1 4ba99d04800d29b58ab9861f60991a2b.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: ekNW3WMYUqoxk8P9tIZsRhkkkE_8DVl8Y5WToD3KVZ0mHhZdTV9irg==

Redirect headers

date: Sat, 11 Sep 2021 18:05:54 GMT
via: 1.1 4ba99d04800d29b58ab9861f60991a2b.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631383553994&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9=
content-length: 196
x-amz-cf-id: T9hviI8Jz7qI9WORrWPl3M-0cIL4Lvo7O4K6rjSclI24faxtJb6A8Q==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1631383553995&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631383553995&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9=

64 B
330 B

31ms
31ms

Image
image/gif

99.84.82.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631383553995&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.82.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-82-74.muc50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:54 GMT
via: 1.1 4ba99d04800d29b58ab9861f60991a2b.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 0C4sRSbV02tlORreJSA9MfjfUPeoYoSdNGnPLfmQHhHZ1sXrO6WvvA==

Redirect headers

date: Sat, 11 Sep 2021 18:05:54 GMT
via: 1.1 4ba99d04800d29b58ab9861f60991a2b.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1631383553995&ns_c=UTF-8&cv=3.5&c8=56897fsdh%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&c9=
content-length: 196
x-amz-cf-id: rOSgvdsx5-pytJ00lUWa0DCP5UXpBFOef2v3YpszbF7cUABg2tHU3Q==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 322ms
131ms Script
text/javascript 142.250.80.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 18:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 11 Sep 2021 18:05:54 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3693 31 KB
10 KB 11ms
11ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 544c81d7b5f8cb9d5525b679b4d5a3b0c84a036e89a1a68ccd6e87b19cac8ad8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 18:05:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=76712
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Sun, 12 Sep 2021 15:24:26 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3693 284 B
536 B 52ms
16ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/jpg

GET
H3

200

m
cm.mgid.com/ Frame 541E
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=13493298d8585539

43 B
619 B

85ms
85ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=13493298d8585539
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: aff66136-9a2e-46a6-90f6-cb240900fb2b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 68d2d3b06bea412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=13493298d8585539
Date: Sat, 11 Sep 2021 18:05:54 GMT
Server: VertaMedia 1.0
Etag: 13493298d8585539
Content-Length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BD05 12 KB
5 KB 202ms
99ms Document
text/html 142.250.80.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 11 Sep 2021 13:58:20 GMT
expires: Sun, 11 Sep 2022 13:58:20 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5676 783 B
531 B 31ms
30ms Document
text/html 173.194.76.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.76.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f147.1e100.net

Software

GSE /

Resource Hash

ccbe6547943324d66cfc2343f9f8f944bf643a4c7e094a081a1a868d310459b6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z1HWsdGM8//6ogS9iRtNTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/

Response headers

expires: Sat, 11 Sep 2021 18:05:54 GMT
date: Sat, 11 Sep 2021 18:05:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-z1HWsdGM8//6ogS9iRtNTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5676 0
0 157ms
157ms Image
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=3936335703320062&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s73-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 108ms
23ms Preflight 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sat, 11 Sep 2021 18:05:54 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
398 B 72ms
30ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

Date: Sat, 11 Sep 2021 18:05:54 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H3 200 N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js Show response
pagead2.googlesyndication.com/bg/ Frame BD05 35 KB
13 KB 94ms
94ms Script
text/javascript 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

sffe /

Resource Hash

379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 01:50:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13196
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 01:50:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 119ms
119ms Image
image/gif 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=3936335703320062&bg=!OjmlOX3NAAYT0U73E9E7ACkAdvg8WjvGk-RtWo6cIY2vbwDbIbBotzHJIGknu52bLLn-PJOPGb3VegIAAABeUgAAAApoAQcKAOcRbOF8BbGeWhsY3sWPS2MqW0CpysiCbEqV3U2sTjI8Bz6ivqQn11-ZkfiW2TX4uTcYbsrNLrUM43ON8OoQEEjUsI3Slce_4YI3hzvrC1uouDSfwA61G-lJEyYuavKl0obY0SO7dRQO_IFMllerlfucX7nA1ITyAwUBnNNzMGiGiaiOOr7UR7avup4GebmMeNuktW3c4dFyiPC8aB1xA_kIoPDmAQoBY3FyERqYoZ8kY3zkanPPmEODzFLEK9okMnk9vX7oCngMcPrSZbXOHKhkTs2zEtrW1rMN5_0kpyUJb20JlbL5wN2ZAn7xAnb1oh9MaWq2TnBQ4guMCyrCDYfnovO4WHRuUkEWQZkEbP3-kgYXTwSZugLbYc3rLZo7abAGC-ai0jJAE7FuiW5nDZj1oHZjMMcgSTCtfyG_qbdiajKmqLdqhk5fuvUDssuBvzx6hvY5WsxmqQIDFo1KZr2K2TxcydCotX8NrsqBzbyYQqmKz6-x0PWcYdNIrIo-AFEHZFKdHnLz0ROxWur35pbIC7ynLjYMFoMqpdtKJey6JO548bLOyEDzTJSWgs0lJQ3EYxJKS2zVWMHQTq8px8G5_7nxF1Dnsh3Rfs1CQunmidYP8mgn3nXmNhOdcvz3KhNspoTjACHzewX7yyhSvXNbEQfygTCqV5K16TSSz3rjRQgERcvLmD6JGRRTMhqLYcsr4j4a4kR4RjhBw1rhdHJpSS3eW0s1XyJMu5wpHeLnsDddxW0jCTRFr6vPmsIObiZTb2ega6s1cjzNdcxEsjcVbOfdtLurgaHKWpVEGo6m8lpMAL40gh3820UtzhXZc6cpHS8NlVnUrejq1aUl9CMFZ9X8_QOILnjb_MGvuhIKj_FUgyaxdwbUo-Y8eHvjPyS1afrNEWo3VTD61zFUW4TvV81MjjnREI-o3t_cCPAaSPDnv2Oyh_bDpx4-pwbmAf09ykUKEDJNC7e0Pfrep56rnp5X0bueX6VXSbqlmhbbOmL_EInAQ6HjZMSoWL2RmclnyBz1bzwZUUc2t_66l6vUJoQ3R8tuD7nO0dkK_4L9ogyOUnqhdGwBBOvEN1LS5dghMTgUjM6RouwQ9VdWnBVlNmJl8q56OeV1HLZrzJLAoYgnJHJTntPicvOpj4MDnN6KXWeymEMmbQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 c
c.mgid.com/ 43 B
441 B 126ms
126ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=90|193|24|xv9I7Km__XWvyNreD2mw7Adfn80mGP0DBIhTeVRumC5Klm_ar0GoDNjXlZCrrkAN&fw=1&extjs=66044&v=90|193|24|xv9I7Km__XWvyNreD2mw7Hl9U37eMe__mkQeim3tIcviqC4Rfd6KrnKS4oEs01UM&cid=997452&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=e7a0a0e5-132a-11ec-9cb1-d0946675f626&tt=Direct&iv=11&pageImp=1&pvid=17bd60984e4b9b02a83&muid=l8bR8wC3yz5b&cbuster=1631383555152811457269&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:55 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 738945a5-f111-4f7e-8bea-975979613915
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68d2d3b3cb12412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 c
c.mgid.com/ 43 B
440 B 140ms
140ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=202|216|40|xv9I7Km__XWvyNreD2mw7JIyz8ujVAtMmxA3I5O59Oabz3zaTG1UsvcMk-qcRRKn&fw=1&extjs=66044&v=202|216|8|xv9I7Km__XWvyNreD2mw7KAy-eefVGwSwatesX6rutH0tyRZssjjL-20CS8fDtuJ&v=202|216|8|xv9I7Km__XWvyNreD2mw7E7KCz3iuNnPJP2Dm4XQY9o9YG0fyeXUEWQXP3LZmbAW&cid=997452&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=e79ffeef-132a-11ec-b63a-d094662c1c35&tt=Direct&iv=11&pageImp=0&pvid=17bd60984e4b9b02a83&muid=l8bR8wC3yz5b&cbuster=1631383555153292627447&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:55 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 11f9f56e-e2c1-4d1a-9791-ce31462d2e98
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68d2d3b3cb17412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H3 200 c
c.mgid.com/ 43 B
441 B 162ms
162ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=202|216|8|xv9I7Km__XWvyNreD2mw7HyIwuWgwariIUSe4eFi8lG1B08unJpAIy4Zqh61eva8&extjs=66044&cid=997452&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=e79ffeef-132a-11ec-b63a-d094662c1c35&tt=Direct&iv=11&pageImp=0&pvid=17bd60984e4b9b02a83&muid=l8bR8wC3yz5b&cbuster=1631383555352729192168&tpl=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 18:05:55 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9a013ce7-9e5d-42b7-ba3a-923362585ac1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 68d2d3b50e10412c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare

GET
H2 200 fI0S2Txn5tvtMhsG1ywObLPP3AO_xMJLahDsgaM7meaYJTW0HXE8-_8dxMGuWi6Te7aIxSuXlQlHvhWiGyFt_QL0G35RcuoVHpzTuMpvFtUfRIVHXpF5eYoYS-FhEXb9ahrQ-fNcU1Byef410NmnW94CR7xqkC6HUw5AzSnNqtrdPAwIocHrl0ciqqK1-WICsm-0a...
forflygonom.com/impression/ 43 B
326 B 77ms
13ms Image
image/gif 139.45.197.238

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forflygonom.com/impression/fI0S2Txn5tvtMhsG1ywObLPP3AO_xMJLahDsgaM7meaYJTW0HXE8-_8dxMGuWi6Te7aIxSuXlQlHvhWiGyFt_QL0G35RcuoVHpzTuMpvFtUfRIVHXpF5eYoYS-FhEXb9ahrQ-fNcU1Byef410NmnW94CR7xqkC6HUw5AzSnNqtrdPAwIocHrl0ciqqK1-WICsm-0aLzZFgwuBCrASbTRnqTcybWNdq89HOBYN87q5Ev4kL0gb4-eNaQbsBDMmPt_zVP18GQqb3-GBWGcwF40P_I5mdNmc2oYKbVGfDJ2lHnPOVE3NMlnMPqG5Hf7HBhwaLoJx5kwriBu2Zuh8ZXrW9R0-b1c-D7qN5w9KVPLTLRUp6saM_WGRCVlFHP0uGmn_WOYOw==?_z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=14&pl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: ade02fdff0da14f2dfab1e6456e840f4
pragma: no-cache
date: Sat, 11 Sep 2021 18:05:55 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0738745987824.png
static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/ Frame 0BE3 577 B
1 KB 12ms
11ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/0738745987824.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 18:06:02 GMT
Last-Modified: Thu, 21 Feb 2019 14:00:06 GMT
Server: nginx
ETag: "5c6eaee6-241"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 577

GET
H2 200 3509488 Show response
inpagepush.com/500/ 1 KB
1 KB 118ms
118ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=9625604&oaid=f718cd75d4284a169b259fbaafe92d0f&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=15&pl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3883f171634a5303fac382b0d5234ebceb70a4739bfde667d810606c24bb517a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: ab046603c2473fe4cee3692806f3a3d2
pragma: no-cache
date: Sat, 11 Sep 2021 18:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 16ms
16ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 11 Sep 2021 18:05:54 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H/1.1 200
OK 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 2 KB
3 KB 16ms
16ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 18:06:03 GMT
Last-Modified: Thu, 01 Jul 2021 09:13:54 GMT
Server: nginx
ETag: "60dd8752-86d"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2157

GET
H2 200 cLQAlAu5pg1LyI4NPlT_OHYfg2mXa2ppoZxITCPY_6J4hF_nv2MQMpIf5U4Zi6vvaj8xjp8sK6TXa6umLWz7TBH1hE5ufMQGsTn5lEDU0fAwgTsJi60IGapeDNp-OvU_X1cE7HLQWOD9NMAZtIFf6IfH4hHWwC9FJFZWVXZYLzqnC_Vg_7_buGi5a2x5Cjm86fG6n...
forflygonom.com/impression/ 43 B
324 B 13ms
13ms Image
image/gif 139.45.197.238

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forflygonom.com/impression/cLQAlAu5pg1LyI4NPlT_OHYfg2mXa2ppoZxITCPY_6J4hF_nv2MQMpIf5U4Zi6vvaj8xjp8sK6TXa6umLWz7TBH1hE5ufMQGsTn5lEDU0fAwgTsJi60IGapeDNp-OvU_X1cE7HLQWOD9NMAZtIFf6IfH4hHWwC9FJFZWVXZYLzqnC_Vg_7_buGi5a2x5Cjm86fG6ndY_RQBAMbcU3InywLcYKTl0Tt9ooTfTxuxksavdZlxPErhKAzhwOhTna207ca5SVYcDfeICcuoe_7ZKkokb9W2dfNYDOgCW8EsENrNy4IqG7hNjYv-qBwCDhJ-d4tKIvGqklhtOjmLoizG5akEl2TNrQcqC4DpZiQu3-zJ9VJb-pZ9N1XqIe1zCSDsU22Y0Nw==?_z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=15&pl=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-trace-id: 02d03091b1b01399ccd3e22ea3285508
pragma: no-cache
date: Sat, 11 Sep 2021 18:06:00 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ Frame 0BE3 2 KB
3 KB 16ms
16ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 18:06:08 GMT
Last-Modified: Thu, 01 Jul 2021 09:13:54 GMT
Server: nginx
ETag: "60dd8752-86d"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2157

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.e-volution.ai
URL: https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l8bR8wC3yz5b

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
toglooman.com/42	1970-01-20 05:55:19	Name: OAID Value: ae161155b55147e0a6cce8e3fd5f6c88
toglooman.com/42	1970-01-20 05:55:19	Name: oaidts Value: 1631383552
.mgid.com/	1970-01-19 21:09:45	Name: __cf_bm Value: zfcB3Sx5fwZ6hxcDXqWEGL4P.BBhv92VHS2FR9pyrek-1631383552-0-AeMCpbBZ7vy2CDi45pe2SbL74d+cq9K48INTKQ95OIxMjV913g+Jo5VedsDlHvaRml8VzBDVrH5hok2t042KioQ=
bedrapiona.com/	1970-01-20 05:55:19	Name: OAID Value: 5f37bc7e692e4808b6aa434f8cbc9c29
bedrapiona.com/	1970-01-20 05:55:19	Name: oaidts Value: 1631383552
my.rtmark.net/	1970-01-20 05:55:19	Name: ID Value: f718cd75d4284a169b259fbaafe92d0f
onmarshtompor.com/	1970-01-20 05:55:19	Name: OAID Value: 5f37bc7e692e4808b6aa434f8cbc9c29
onmarshtompor.com/	1970-01-20 05:55:19	Name: oaidts Value: 1631383552
.paste.co.id/	1970-01-20 14:40:55	Name: _ga Value: GA1.3.1862058005.1631383553
.paste.co.id/	1970-01-19 21:11:09	Name: _gid Value: GA1.3.1398806871.1631383553
.paste.co.id/	1970-01-19 21:09:43	Name: _gat_gtag_UA_137362802_1 Value: 1
.paste.co.id/	1970-01-19 21:09:43	Name: _gat_gtag_UA_174907544_1 Value: 1
toglooman.com/	1970-01-20 05:55:19	Name: scm Value: 1
toglooman.com/	1970-01-20 05:55:19	Name: OAID Value: ae161155b55147e0a6cce8e3fd5f6c88
toglooman.com/	1970-01-20 05:55:19	Name: oaidts Value: 1631383552
dozubatan.com/	1970-01-20 05:55:19	Name: OAID Value: 316e8d077f9246ab977b7d030938c867
paste.co.id/	1970-01-19 21:09:50	Name: XSRF-TOKEN Value: eyJpdiI6InUrenhjc1RWUVwvYlRpd0x6YXBodGJ3PT0iLCJ2YWx1ZSI6IlY4MDEzR2Y0d2FxSzBNTTJLelhqYVwvUTZjcklYYU9lc3laS0Z3aG9vOWRXN3pkWFgxcnNzU09GK3BLXC9CaE9FQiIsIm1hYyI6IjAyYjZkYTI0YzViZGZlMzM4NThlNTRiMDk1OWEwYTM5N2VjOTkyODIyMjYxMmUyYTkwMThjNTI2YzlkODZlNTAifQ%3D%3D
paste.co.id/	1970-01-19 21:09:50	Name: pasteshr_session Value: eyJpdiI6IjdncUhWNXhtOXhzTkY0VG9XTCtJVnc9PSIsInZhbHVlIjoiUDRXMkVGYUZrSWxFM0s4STZQTFFIaFpvamF5VDYyNjBCSGxcL0Rha3YwSlYyMVhwMU9iTjk2VnZmeHBzcVwvYUV1IiwibWFjIjoiZmY2MjEwNDU1NmU3M2I3MDg4NzcyNzJlZjU5NmYyMjc0ZjEwZGRhNjJhNzI3YTBlZGUyMDdlYmZiNTdmNDdlNiJ9
inpagepush.com/	1970-01-20 05:55:19	Name: OAID Value: f718cd75d4284a169b259fbaafe92d0f
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: l8bR8wC3yz5b
.paste.co.id/	1970-01-20 06:31:19	Name: __gads Value: ID=93b7de212e29d29a-229f5126edca00f0:T=1631383553:RT=1631383553:S=ALNI_MZ8BM7MFi7B-D9euN1yK-DlBcdKDw
.doubleclick.net/	1970-01-20 14:40:55	Name: IDE Value: AHWqTUmf3ajXdU2-h3eTj_Y-FkX_LKm-Ir8YuCpgt4KLFDeKTToN9pH-5lLfBNkqw9A
paste.co.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C997452%22%3A%7B%22page%22%3A1%2C%22time%22%3A1631383553829%7D%7D
.scorecardresearch.com/	1970-01-20 14:26:31	Name: UID Value: 1T9HVII8JZ7QI9WORRWPL3g1631383554
.bidswitch.net/	1970-01-20 05:55:19	Name: c Value: 1631383554
.bidswitch.net/	1970-01-20 05:55:19	Name: tuuid_lu Value: 1631383554
.bidswitch.net/	1970-01-20 05:55:19	Name: tuuid Value: 00291a84-3de3-4dbc-8c08-d51dcfe7e618
.creativecdn.com/	1970-01-20 05:55:19	Name: u Value: hcV59Y9dpuCMdRyze03r
.creativecdn.com/	1970-01-20 05:55:19	Name: ts Value: 1631383554
.adsrvr.org/	1970-01-20 05:55:19	Name: TDID Value: 26d2ceff-e412-4165-ab6a-30445d4b82a3
.adsrvr.org/	1970-01-20 05:55:19	Name: TDCPM Value: CAEYBSABKAIyCwjumYXysNb6ORAFOAE.
.lentainform.com/	1970-01-25 20:31:23	Name: muidn Value: l8bR8wC3yz5b
.1rx.io/	1970-01-20 05:55:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-17d63829-104a-49ba-9390-ef57b57a294e-003%22%7D
.betweendigital.com/	1970-01-20 05:55:19	Name: dc Value: was1
.betweendigital.com/	1970-01-20 05:55:19	Name: tuuid Value: ecdcb628-25c0-53fe-96df-c72af7e33728
.betweendigital.com/	1970-01-20 05:55:19	Name: ss Value: 1
.targeting.unrulymedia.com/	1970-01-20 05:55:19	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-17d63829-104a-49ba-9390-ef57b57a294e-003%22%7D
.idealmedia.io/	1970-01-25 20:31:23	Name: muidn Value: l8bR8wC3yz5b
.betweendigital.com/	1970-01-20 05:55:19	Name: ut Value: YTzwAgAFzGDMmkLIUL-07G5sIZrT6fVoy4RTcA==
.adtelligent.com/	1970-01-19 22:39:00	Name: vmuid Value: 13493298d8585539
.mfadsrvr.com/	1970-01-20 14:40:55	Name: tuuid Value: fce8ca69-2116-4216-a9a0-4f90f5db267a
.mfadsrvr.com/	1970-01-20 14:40:55	Name: c Value: 1631383554
.mfadsrvr.com/	1970-01-20 14:40:55	Name: tuuid_lu Value: 1631383554
.mfadsrvr.com/	1970-01-20 14:40:55	Name: ssh Value: !mgid,1631383554
cm.mgid.com/	1970-01-19 21:52:55	Name: mg_sync Value: {"265689":1631383553,"287839":1631383554,"341189":1631383553,"363887":1631383553,"371158":1631383554,"433145":1631383554,"433146":1631383553,"516418":1631383553,"617666":1631383554}

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FU4QpQI3Ncp Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
deprecation	warning	URL: https://static.lalaping.com/online.js?ver=2.0.0 Message: RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
deprecation	warning	URL: https://static.lalaping.com/online.js?ver=2.0.0 Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.betweendigital.com
adservice.google.com
bedrapiona.com
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dozubatan.com
eus.rubiconproject.com
forflygonom.com
googleads.g.doubleclick.net
iclickcdn.com
inpagepush.com
interst12.com
jsc.mgid.com
littlecdn.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
my.rtmark.net
o.wowreality.info
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
paste.co.id
perf.cdnads.com
propeller-tracking.com
pseepsie.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
static.cdnativepush.com
static.lalaping.com
stats.g.doubleclick.net
sync.1rx.io
sync.adtelligent.com
sync.e-volution.ai
sync.targeting.unrulymedia.com
toglooman.com
token.rubiconproject.com
tpc.googlesyndication.com
usermatch.targeting.unrulymedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.qrcoder.co.uk
x.bidswitch.net
sync.e-volution.ai
104.109.78.125
104.16.19.94
104.16.221.74
104.18.11.207
104.19.134.78
104.19.136.78
104.19.216.61
104.22.25.116
104.26.12.118
109.203.125.88
139.45.195.254
139.45.195.8
139.45.197.156
139.45.197.162
139.45.197.234
139.45.197.237
139.45.197.238
139.45.197.239
139.45.197.240
139.45.197.243
139.45.197.250
142.250.65.226
142.250.80.1
142.250.80.66
142.251.35.162
172.67.75.33
173.194.76.147
178.162.156.35
18.195.239.175
185.184.8.65
2.19.35.65
209.205.219.146
213.19.147.44
23.227.139.243
35.212.212.222
5.189.137.168
66.102.1.155
69.173.144.138
74.125.133.156
74.125.133.97
74.125.206.138
74.125.206.155
76.223.111.131
96.46.183.20
99.84.82.74
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
08dd76c58e5fe67aa1cfd444c3f15feaac6cf76f8e5fe22150144723a1695d20
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
187120fddf9f88b8bbdec717ed2a51cb226d264558f12d1f813df3eadeccf100
192690a4913fa720a6702b087f9537c782a5818079e0fa2d93f1a715d87bfd77
1ebadfc20873c85989ad7e6e26b02cd1bcb89ea20cadce26ae4b4741194c4b13
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2ade0514f4ae341d4604f27388983fbf26365f0f8d4eedec941e1250e99e7cef
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bf197fa38847e6db1d4a45ddd4c79159d33ba65664a8f3ab1285bd23b96a0da
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
328df6c6e2f817f5200362d19822d6b995fc8baf01ba8b49f267e5cb65f1c5cf
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
3883f171634a5303fac382b0d5234ebceb70a4739bfde667d810606c24bb517a
3ab4b1287b3970b02e108541609b9bfb1615c0909435f918639713d3d164b491
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
424f9a4be9edd22bc39eb49be4ea2767d82a86b445b9be09a380fc21e62f9e3c
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4ff785592da634e9b55ffdc2188b46323ca88811ee53af3ef4a14bc8cf5552d9
533a745b338c9bf0748da352fdf77182678a3ee77d7ab7c1f522d3b2fb1081ad
544c81d7b5f8cb9d5525b679b4d5a3b0c84a036e89a1a68ccd6e87b19cac8ad8
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
56d83ff1f4fdfeec0bc83a774646b35429cefa444ae4ed667a57898931fe3239
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
577788094c26973f186b0f1e87c8c30e9efba4f79c6b848e681fe61ead06f9e3
584da7c6986031c42f3472e86765df15923f7a73dee6c220e8b0e4fd7abd81cb
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6795954681603084f270829ef3109cb506934b8d2d6d3346b016db2ae9fd4d31
6af808ed9e7bff50752fa079ce83791261e95d70f058589b92c0427355680380
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e57ebec627babcca3ab3dd255df76515350667df68cdfbb459dfd07d2392c91
6f9d506ca46f012b32e85827a5af350f3652633d7a61404c814059ffa66d5a1c
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
77d5f63d41bbe1414b6e4ce17f60eed561c33e20c9b123c432b8cbad1dd79bf7
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
79608ed044b1bf4569cf31dcd176a26f53c471a03970ed70464412da09e82ecc
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
86d346d04ac4304fa681a2a2ab854cf156cbae19ff35a188cc600cc5d0d03164
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
8996d952903faef98bfb3391b83d5658d004c613d161be0bdeeb8ecef23ec5a0
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8eb3b9de71c245edbae191d4a29ed5ddea11a3a6bc9c58941077aaef99f0c74b
8f1385838fa75da4b5f1ea1f44898ed01e77b1f678a1afe30326cd283978fd1c
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
99a9a57687ac274dd9bd60a0e66c1a653252d7826f4d12dc9e1b19ab006fcec8
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9b0444fa7b061b4fdb8d93eae1c54ea001d2f106e6ab87794269506ff36acab7
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b
b4c72f97941f1878114b8fa4525f9b3017044ccddbf6608c02fd4e974c764507
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c999d28f053582f6e78b22191ea6b6291c80df51035f685544c4f7f2ff212fa3
cadedca735c6ec45885014e69884b741d9ef44349cd95c9271ae066216d49f6e
ccbe6547943324d66cfc2343f9f8f944bf643a4c7e094a081a1a868d310459b6
ce51ecc2a64d161865461a62c8bc439b34cee475f23d4d11f082e167c93c6ea1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf94b70c9262e1316e2e9fab0c177aa4f934dd88eec424766c25ef204a063aff
d0e63c12b933f4c70dcf3880a7bbfb550f56a42e3aabed8c2e88f44df994921a
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
d290daa6e15ba87ab2163d78a8d1f73ab6e9dd6d9c3e6c165eec487b0beaae05
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d72f1af96a417d4e0b10589929b9e6acf517acadfa1ddcbbfb86d64984ab7164
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd1768310eff00cb3991ade0438089211dd37ba53cdf36b02714379e23ee7709
dd65eef6504beb2389df69c2e9241e32e1511ffb6b5694c87cd59dec308fdc39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa81932a2ad47de588692d49c7f3999458e34703c82fcd66d78e1f51a582445
e069b07616e65a002bdc8ccd372f9e6c57f25ac60564d9fad62bcf01c0333e59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea5b2f0ae6e51e58a4849658ff814852af1f2134408d0be55062dbcc1b5868fc
eac892b9f0e1485a263dafcd2ec8ed443ebe2377dddd818caa8528ad4d259a10
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
f9202a1fff0948d7069ec549f85b790647c337eccfcc55657fcbc262b5462a9c
fc6b00b39c6831d32690a5f33fe637ecfee459123b835d461428e16ea7157842
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd98c7bf1708ac1bd739ac6ae942f4084174d3beb977565a458ce0ca959aab51
fe4aa768a275ab1427a036acb14f473bc076b7ed611b4c593528d2eede9e9aaf
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

paste.co.id Open in urlscan Pro 5.189.137.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

155 Requests

99 %HTTPS

0 %IPv6

42 Domains

55 Subdomains

38 IPs

5 Countries

1849 kBTransfer

4113 kBSize

45 Cookies

34 Outgoing links

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

99 %
HTTPS

0 %
IPv6

42
Domains

55
Subdomains

38
IPs

5
Countries

1849 kB
Transfer

4113 kB
Size

45
Cookies

155 HTTP transactions
1 data transactions