paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste.co.id/PQTZNTvCbL
Submission Tags: falconsandbox
Submission: On January 21 via api (January 21st 2021, 6:00:04 am UTC) from US

Summary HTTP 129 Redirects Links 58 Behaviour Indicators

Summary

This website contacted 35 IPs in 9 countries across 34 domains to perform 129 HTTP transactions. The main IP is 5.189.137.168, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is paste.co.id.
TLS certificate: Issued by R3 on December 20th 2020. Valid for: 3 months.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	5.189.137.168 5.189.137.168	51167 (CONTABO) (CONTABO)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	139.45.196.72 139.45.196.72	9002 (RETN-AS) (RETN-AS)
10	139.45.196.209 139.45.196.209	9002 (RETN-AS) (RETN-AS)
2 35	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.203.125.88 109.203.125.88	31727 (NODE4-AS) (NODE4-AS)
1	173.249.18.21 173.249.18.21	51167 (CONTABO) (CONTABO)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
18	180.131.147.94 180.131.147.94	45719 (NAWALA-AS...) (NAWALA-AS-ID Nawala Project - DNS Filtering Project)
1	2606:4700:20:... 2606:4700:20::681a:d76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.82 139.45.195.82	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
5	139.45.196.30 139.45.196.30	9002 (RETN-AS) (RETN-AS)
1	139.45.196.108 139.45.196.108	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:97b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1 1	184.24.15.122 184.24.15.122	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2 2	54.228.21.183 54.228.21.183	16509 (AMAZON-02) (AMAZON-02)
5 5	18.195.193.185 18.195.193.185	16509 (AMAZON-02) (AMAZON-02)
1 1	94.130.12.122 94.130.12.122	24940 (HETZNER-AS) (HETZNER-AS)
2 3	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.197.8 139.45.197.8	9002 (RETN-AS) (RETN-AS)
5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	139.45.195.57 139.45.195.57	9002 (RETN-AS) (RETN-AS)
1	2606:4700:10:... 2606:4700:10::6816:1974	13335 (CLOUDFLAR...) (CLOUDFLARENET)
129	35

16 5.189.137.168 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi465240.contaboserver.net

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.196.72 (Ascension Island)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.209 (Ascension Island)

ASN9002 (RETN-AS, GB)

seeptoag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 104.19.133.78 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.125.88 (Salford, United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: euk-88894.eukservers.com

www.qrcoder.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.249.18.21 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: berkas.co

berkas.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 180.131.147.94 (Indonesia)

ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID)

arnalyze.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.82 (Ascension Island)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.196.30 (Ascension Island)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.108 (Ascension Island)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:97b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.15.122 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-15-122.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.50.124 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.21.183 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-21-183.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.195.193.185 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.12.122 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.150 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.8 (Ascension Island)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (Ascension Island)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.57 (Ascension Island)

ASN9002 (RETN-AS, GB)

onstunkyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1974 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	mgid.com 2 redirects jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com c.mgid.com	449 KB
18	arnalyze.net arnalyze.net	13 KB
16	paste.co.id paste.co.id	1 MB
10	seeptoag.net seeptoag.net	87 KB
6	google.com www.google.com	35 KB
6	inpagepush.com inpagepush.com	60 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	toglooman.com toglooman.com	124 KB
4	gstatic.com fonts.gstatic.com	42 KB
4	cloudflare.com cdnjs.cloudflare.com	48 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	wowreality.info o.wowreality.info	398 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	1rx.io 2 redirects sync.1rx.io	1007 B
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	googleapis.com fonts.googleapis.com	2 KB
2	googletagmanager.com www.googletagmanager.com	78 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	littlecdn.com littlecdn.com	7 KB
1	onstunkyr.com onstunkyr.com	482 B
1	rtmark.net my.rtmark.net	769 B
1	google.de www.google.de	107 B
1	lentainform.com cm.lentainform.com	558 B
1	idealmedia.io cm.idealmedia.io	556 B
1	unrulymedia.com sync.targeting.unrulymedia.com	452 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	229 B
1	lalaping.com static.lalaping.com	33 KB
1	onmarshtompor.com onmarshtompor.com
1	bedrapiona.com bedrapiona.com	2 KB
1	iclickcdn.com iclickcdn.com	23 KB
1	berkas.co berkas.co	4 KB
1	qrcoder.co.uk www.qrcoder.co.uk
129	34

	Domain	Requested by
18	s-img.mgid.com	paste.co.id
18	arnalyze.net	paste.co.id arnalyze.net
16	paste.co.id	paste.co.id cdnjs.cloudflare.com
10	seeptoag.net	paste.co.id seeptoag.net
6	www.google.com	paste.co.id
6	cm.mgid.com	jsc.mgid.com paste.co.id
6	inpagepush.com	paste.co.id iclickcdn.com inpagepush.com
5	x.bidswitch.net	5 redirects
5	toglooman.com	iclickcdn.com toglooman.com
4	c.mgid.com	2 redirects
4	servicer.mgid.com	jsc.mgid.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cdnjs.cloudflare.com	paste.co.id
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	o.wowreality.info	static.lalaping.com
2	sync.1rx.io	2 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	fonts.googleapis.com	paste.co.id
2	www.googletagmanager.com	paste.co.id www.googletagmanager.com
2	jsc.mgid.com	paste.co.id
2	maxcdn.bootstrapcdn.com	paste.co.id maxcdn.bootstrapcdn.com
1	littlecdn.com
1	onstunkyr.com
1	my.rtmark.net	paste.co.id
1	www.google.de	paste.co.id
1	cm.lentainform.com	paste.co.id
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.idealmedia.io	paste.co.id
1	sync.targeting.unrulymedia.com	paste.co.id
1	bidswitch-eu.splicky.com	1 redirects
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.lalaping.com	toglooman.com
1	onmarshtompor.com	iclickcdn.com
1	cdn.mgid.com	paste.co.id
1	bedrapiona.com	iclickcdn.com
1	iclickcdn.com	paste.co.id
1	berkas.co	paste.co.id
1	www.qrcoder.co.uk	paste.co.id
129	42

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
sites.google.com
medium.com
freewatchliveevent.blogspot.com
ufc247liveonline.blogspot.com
www.facebook.com
paste.ircnet.su
pasteio.com
pastebin.com
berkas.co

Subject Issuer	Validity	Valid
paste.co.id R3	`2020-12-20` - `2021-03-20`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-11-11` - `2021-02-09`	3 months	crt.sh
seeptoag.net R3	`2020-12-14` - `2021-03-14`	3 months	crt.sh
qrcoder.co.uk cPanel, Inc. Certification Authority	`2020-12-28` - `2021-03-28`	3 months	crt.sh
berkas.co R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.arnalyze.net Let's Encrypt Authority X3	`2020-11-09` - `2021-02-07`	3 months	crt.sh
bedrapiona.com R3	`2020-12-07` - `2021-03-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
toglooman.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
onmarshtompor.com R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
o.wowreality.info Let's Encrypt Authority X3	`2020-11-13` - `2021-02-11`	3 months	crt.sh
onstunkyr.com R3	`2021-01-03` - `2021-04-03`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://paste.co.id/PQTZNTvCbL
Frame ID: B7B7108F4F01EE963A4558A8D3BD4E49
Requests: 111 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php
Frame ID: 283BE2DD1047554B149E95E98F3AF3DA
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1611208785230842151444
Frame ID: 1ED3D6C3F255778D1C0BC36055167D9C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: E8329C1DFAF40D90E6CF1CE52DB92467
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: E9B974FA1CDC43A29D43662FD8502813
Requests: 1 HTTP requests in this frame

Frame: https://s-img.mgid.com/g/3887987/328x328/115x0x800x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1611208785-1eMZnk9O8Emsjbdm0B-PZpM600mqxruQ46hwuZCftSU
Frame ID: DA1CF56D65086C8F3D4E934A62CECB8C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

129
Requests

99 %
HTTPS

44 %
IPv6

34
Domains

42
Subdomains

35
IPs

9
Countries

2319 kB
Transfer

3646 kB
Size

0
Cookies

58 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997452

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805577/i/57333099/0/pp/1/1?h=fOdZpgku58nGuA3N9b7swCatUVUbW-7JA7WvWUtuV3m0uhH_cEGXjpMsKIe8N662&rid=dc6aae75-5bad-11eb-a9d6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4147878/i/57333099/0/pp/2/1?h=fOdZpgku58nGuA3N9b7swC2f9zhutoClbHMVDuLVXv80RtW3bMg_Jn_4a2ueooLJ&rid=dc6aae75-5bad-11eb-a9d6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805589/i/57333099/0/pp/3/1?h=fOdZpgku58nGuA3N9b7swA4QTN-4QHXQ_WvkMtnYg9naeA6Lf6-3tRvY5m0oMIRP&rid=dc6aae75-5bad-11eb-a9d6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805500/i/57333099/0/pp/4/1?h=fOdZpgku58nGuA3N9b7swBQuzs1y9Qz_mz--5t8u311bHiKH_dc4eGU5eYwUE0vT&rid=dc6aae75-5bad-11eb-a9d6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://sites.google.com/view/ufc-247-live-online/
Title: https://sites.google.com/view/ufc-247-live-online/

Search URL Search Domain Scan URL

URL: https://medium.com/
Title: https://medium.com/

Search URL Search Domain Scan URL

URL: https://freewatchliveevent.blogspot.com/2020/02/ufc-247-live-jones-vs-reyes-live.html
Title: https://freewatchliveevent.blogspot.com/2020/02/ufc-247-live-jones-vs-reyes-live.html

Search URL Search Domain Scan URL

URL: https://ufc247liveonline.blogspot.com/2020/02/ufc-247-live-stream-how-to-watch-jon.html
Title: https://ufc247liveonline.blogspot.com/2020/02/ufc-247-live-stream-how-to-watch-jon.html

Search URL Search Domain Scan URL

URL: https://www.facebook.com/watchJonesvsReyes/
Title: https://www.facebook.com/watchJonesvsReyes/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/496228604372133/
Title: https://www.facebook.com/events/496228604372133/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/1486646674833029/
Title: https://www.facebook.com/events/1486646674833029/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/UFC247LiveOnline/
Title: https://www.facebook.com/groups/UFC247LiveOnline/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/124744135509365/
Title: https://www.facebook.com/events/124744135509365/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/2487089238287140/
Title: https://www.facebook.com/events/2487089238287140/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WATCHUFCPPV/
Title: https://www.facebook.com/WATCHUFCPPV/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/2630246983888007/
Title: https://www.facebook.com/events/2630246983888007/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/4KHDVideoLive/
Title: https://www.facebook.com/4KHDVideoLive/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/472844546999878/
Title: https://www.facebook.com/events/472844546999878/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/1410393455809836/
Title: https://www.facebook.com/events/1410393455809836/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/635756170576137/
Title: https://www.facebook.com/events/635756170576137/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DominickReyesUFC/
Title: https://www.facebook.com/DominickReyesUFC/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HowToWatchUFCPayPerViewForFree/
Title: https://www.facebook.com/HowToWatchUFCPayPerViewForFree/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/185266876178952/
Title: https://www.facebook.com/events/185266876178952/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/1067711210255585/
Title: https://www.facebook.com/events/1067711210255585/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WatchUFCOnlineFreeLiveStream/
Title: https://www.facebook.com/WatchUFCOnlineFreeLiveStream/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/3031205926913420/
Title: https://www.facebook.com/events/3031205926913420/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Ufcppvtonight/
Title: https://www.facebook.com/Ufcppvtonight/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HowToWatchUFConESPN/
Title: https://www.facebook.com/HowToWatchUFConESPN/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/2523261954579089/
Title: https://www.facebook.com/events/2523261954579089/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UFC247FightCard/
Title: https://www.facebook.com/UFC247FightCard/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/161556961936418/
Title: https://www.facebook.com/events/161556961936418/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/watchufclivestreamingforfreeonustream/
Title: https://www.facebook.com/watchufclivestreamingforfreeonustream/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/662591947812606/
Title: https://www.facebook.com/events/662591947812606/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/607978583355146/
Title: https://www.facebook.com/events/607978583355146/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ufcstreamfreeonline/
Title: https://www.facebook.com/ufcstreamfreeonline/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/1627394137426433/
Title: https://www.facebook.com/events/1627394137426433/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Ufcfreestream/
Title: https://www.facebook.com/Ufcfreestream/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/266677657650755/
Title: https://www.facebook.com/events/266677657650755/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/events/591275424757100/
Title: https://www.facebook.com/events/591275424757100/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Redditufc/
Title: https://www.facebook.com/Redditufc/

Search URL Search Domain Scan URL

URL: http://paste.ircnet.su/view/2ec20191
Title: http://paste.ircnet.su/view/2ec20191

Search URL Search Domain Scan URL

URL: https://pasteio.com/xiyD8gCbH0Al
Title: https://pasteio.com/xiyD8gCbH0Al

Search URL Search Domain Scan URL

URL: https://pastebin.com/MRz4X91c
Title: https://pastebin.com/MRz4X91c

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=914924

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097644/i/126987/0/pp/1/1?h=gnzgJlvLdIhhwUGuO-nAVz8QVTxtJW7yobEPDNCNhjgQPlfu6oPrM5k-7cy1_meN&rid=dc828569-5bad-11eb-bc5e-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3859212/i/126987/0/pp/2/1?h=gnzgJlvLdIhhwUGuO-nAVxIBhbiA5CLe0rwPDynVRqKSEywr6HSaop31lhYQkcrS&rid=dc828569-5bad-11eb-bc5e-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3860767/i/126987/0/pp/3/1?h=gnzgJlvLdIhhwUGuO-nAV4E1J1PPOmASahfZ2Za-zV18thyU_BI-p93qxK0nJcI-&rid=dc828569-5bad-11eb-bc5e-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805584/i/126987/0/pp/4/1?h=gnzgJlvLdIhhwUGuO-nAV9cHx2oD3jRdNoVF27yyy46cxsUAsnKfE9hpak_BqDix&rid=dc828569-5bad-11eb-bc5e-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3944304/i/57333099/0/pp/1/1?h=fOdZpgku58nGuA3N9b7swLIMJ5uTVz5C-XRiTfFhLXQ1nwzZ5zo7ss6TcYAqn-4o&rid=dc7878be-5bad-11eb-a9d6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3839411/i/57333099/0/pp/2/1?h=fOdZpgku58nGuA3N9b7swN9xDB0sqaXiUaQlMkI2j-8ShYIMO_yGW13XBpINieLE&rid=dc7878be-5bad-11eb-a9d6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4023144/i/57333099/0/pp/3/1?h=fOdZpgku58nGuA3N9b7swDPNovwjvySNG1HBbnLnJtnBvnbgVriSggHoDbBlLpWS&rid=dc7878be-5bad-11eb-a9d6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3864267/i/57333099/0/pp/4/1?h=fOdZpgku58nGuA3N9b7swAPFezQ1_BALw2FAVZwXf9WeXP2Xh8S9o__pRXORU-3k&rid=dc7878be-5bad-11eb-a9d6-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097647/i/57333099/0/pp/1/1?h=fOdZpgku58nGuA3N9b7swFCEUwML50FBbqXSMzGfunjmBNhdxtQvifewoUMFfeeQ&rid=dc7a137a-5bad-11eb-aca4-d09466576dad&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3859212/i/57333099/0/pp/2/1?h=fOdZpgku58nGuA3N9b7swBIBhbiA5CLe0rwPDynVRqL7x76NQi_Gm6rsYhKrMJth&rid=dc7a137a-5bad-11eb-aca4-d09466576dad&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6288121/i/57333099/0/pp/3/1?h=fOdZpgku58nGuA3N9b7swNT7LfZnLHmYqO-1ashrDPt0u7SCfUMYjjS9wsScRiFq&rid=dc7a137a-5bad-11eb-aca4-d09466576dad&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6288128/i/57333099/0/pp/4/1?h=fOdZpgku58nGuA3N9b7swCWRMIyTNNAUKGA9XE6aD5vxgqaONgM3VZgyUHIlSXHN&rid=dc7a137a-5bad-11eb-aca4-d09466576dad&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l0kJW8nf7MXl

Search URL Search Domain Scan URL

URL: https://berkas.co/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://c.mgid.com/c?pv=2&v=0|0|0|ckLWOdItVGX9AsxKcHDeNlnMFdpHPmKy-E84NG6EZkDPOBGsf6L83QhW2oMM8vTj&cid=756446&f=1&h2=eQSu2z1uT5JoYjgdTlNK7I9geXN6CnYy2f3MxA5iwbg*&rid=z3509488zb5920476bcBEcp2ph2021012100h&psid=1_3509488&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzM4ODc5ODcvMzI4eDMyOC8xMTV4MHg4MDB4ODAwL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TVRrdE1EY3ZNVEF4T1RJMEwyTTRNRGN4TURJNE16RTRNMlZrWVdVMU5UaGxOVGd5TmpCa05UUTJNMlU1TG1wd1pXYy53ZWJwP3Y9MTYxMTIwODc4NS0xZU1abms5TzhFbXNqYmRtMEItUFpwTTYwMG1xeHJ1UTQ2aHd1WkNmdFNV HTTP 301
https://s-img.mgid.com/g/3887987/328x328/115x0x800x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1611208785-1eMZnk9O8Emsjbdm0B-PZpM600mqxruQ46hwuZCftSU

Request Chain 84

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 85

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDBrSlc4bmY3TVhs&muidn=l0kJW8nf7MXl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDBrSlc4bmY3TVhs&muidn=l0kJW8nf7MXl&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=l0kJW8nf7MXl&google_ula={guid},5&google_gid=CAESEN_BaYlsMMPzWvk4VHXLN2Q&google_cver=1

Request Chain 86

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=5a6a2f84-4946-40d1-a71e-26c933ab5c95&ttl=1613800786

Request Chain 87

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=af0cbafa-411e-4f44-990e-d3b700d8fe4b HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=af0cbafa-411e-4f44-990e-d3b700d8fe4b HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=af0cbafa-411e-4f44-990e-d3b700d8fe4b&gdpr=&gdpr_consent=&us_privacy=

Request Chain 88

https://x.bidswitch.net/sync?dsp_id=303&user_id=l0kJW8nf7MXl HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l0kJW8nf7MXl HTTP 302
https://sync.1rx.io/usersync/bidswitch/af0cbafa-411e-4f44-990e-d3b700d8fe4b?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/af0cbafa-411e-4f44-990e-d3b700d8fe4b?zcc=1&dspret=0&cb=1611208786798 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-44c9734a-7d9e-47b8-be6a-52269f5487b9-003

Request Chain 90

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=S5JDvS0gvANUkCElvs1P&pi=mgid&tc=1

Request Chain 117

https://c.mgid.com/c?pv=2&v=0|0|0|ckLWOdItVGX9AsxKcHDeNlnMFdpHPmKy-E84NG6EZkDPOBGsf6L83QhW2oMM8vTj&cid=756446&f=1&h2=eQSu2z1uT5JoYjgdTlNK7I9geXN6CnYy2f3MxA5iwbg*&rid=z3509488zb5920476bcBEcp2ph2021012100h&psid=1_3509488&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzM4ODc5ODcvMzI4eDMyOC8xMTV4MHg4MDB4ODAwL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TVRrdE1EY3ZNVEF4T1RJMEwyTTRNRGN4TURJNE16RTRNMlZrWVdVMU5UaGxOVGd5TmpCa05UUTJNMlU1TG1wd1pXYy53ZWJwP3Y9MTYxMTIwODc4NS0xZU1abms5TzhFbXNqYmRtMEItUFpwTTYwMG1xeHJ1UTQ2aHd1WkNmdFNV HTTP 301
https://s-img.mgid.com/g/3887987/328x328/115x0x800x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1611208785-1eMZnk9O8Emsjbdm0B-PZpM600mqxruQ46hwuZCftSU

129 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set PQTZNTvCbL Show response
paste.co.id/ 83 KB
84 KB 11638ms
11567ms Document
text/html 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache / PHP/7.3.24
Resource Hash: 3f55d8fabc2e02c2cff7ae8cba38b6a2c2fb220567de09b0450c290bf89fbb3f

Request headers

Host: paste.co.id
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:32 GMT
Server: Apache
X-Powered-By: PHP/7.3.24
Cache-Control: no-cache, private
X-RateLimit-Limit: 60
X-RateLimit-Remaining: 59
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkJiTjg3WnNtVXdsTjhuTUdmSjRTWXc9PSIsInZhbHVlIjoiMUp0RnYwdjhVRkloUHVtZ3FLb2pCd0t4eW0zMlFsWEJnV0FhVkE5blVBN01qTDcxcjY0eFJEOE1IM2VibnQ3QiIsIm1hYyI6ImY3YjNhMWY1OGY1ZmYxMzdhYzEyYTZmYTY5OTIyMWNlNTJiM2RiOTEyYjBiODJiYzJmYjU4OTg4NDk4OGJlNmMifQ%3D%3D; expires=Thu, 21-Jan-2021 07:59:44 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6Im41ZWVaTHBaK2hnRk1YK2hTSU9IcGc9PSIsInZhbHVlIjoiQWdidUlrZkVRazB1OGdqYnVRVFVDSWlBMzN0RElYWTh1aUk5MmRqMWxuTGFcL2FsTXVCQnVaQlpWc2xibjRFRXkiLCJtYWMiOiI1Yjg4MjYyM2Y2ZTk4ZTc0YTI1MTAyZjE4NmYwMzNmZWQ3YzBiZGQ3MzkyNWJiOGM5ZjI5ZjhjMjc1MTExOTUxIn0%3D; expires=Thu, 21-Jan-2021 07:59:44 GMT; Max-Age=7200; path=/; httponly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 24ms
9ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H/1.1 200
OK bootstrap.min.css
paste.co.id/css/ 138 KB
138 KB 74ms
34ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Thu, 08 Nov 2018 15:15:02 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 140936

GET
H/1.1 200
OK mdb.min.css
paste.co.id/css/ 226 KB
227 KB 98ms
35ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Thu, 08 Nov 2018 15:15:02 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 231744

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 11ms
10ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 638693
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 1624
cf-request-id: 07c52010a100002c32c6ade000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CRp4dKzIe63ya6YSTaoIsPI3MjJLPMMBYYTlai%2FgFgC26nl7%2FnOnv%2BgY%2F0XKA8UBPuDb0ECfVBJME75jFXHcOabrxqbL1uAQe4OVHI%2Beb%2BJ5HZyVOXG6T3tUA7yomJMdIQ%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 614ecf943d732c32-FRA
expires: Tue, 11 Jan 2022 05:59:44 GMT

GET
H/1.1 200
OK special.min.css
paste.co.id/css/skins/ 3 KB
3 KB 96ms
33ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/skins/special.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Wed, 24 Apr 2019 12:08:22 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2987

GET
H/1.1 200
OK app.min.css
paste.co.id/css/ 648 B
889 B 97ms
33ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/app.min.css?v=1.2
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: 8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Fri, 05 Jun 2020 17:06:52 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 648

GET
H/1.1 200
OK prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
13 KB 98ms
34ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: 36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Tue, 29 Jan 2019 22:43:52 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12909

GET
H/1.1 200
OK 3509488 Show response
inpagepush.com/400/ 78 KB
28 KB 87ms
26ms Script
application/javascript 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3509488

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ddb9b800b28662d6f0db9e719891851fa3cb9c877161758fb5fe3cf0195bf03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: b2dab0a3613bde75dab9aba4f370aea7
Pragma: no-cache
Date: Thu, 21 Jan 2021 05:59:44 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK ntfc.php Show response
seeptoag.net/ 39 KB
11 KB 69ms
22ms Script
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/ntfc.php?p=3534037
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 008d5a9d53c757fadb7b3858ecdaa1f288bf20f9cb8baddc0a4d7babb2169369

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jan 2021 05:59:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-9b9e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK default-avatar.png
paste.co.id/img/ 7 KB
7 KB 39ms
37ms Image
image/png 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/img/default-avatar.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Wed, 28 Nov 2018 16:58:44 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6957

GET
H2 200 paste.co.id.997452.js Show response
jsc.mgid.com/p/a/ 239 KB
65 KB 89ms
42ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9625041c8a7a1e053e36d006f0613dfb5ea0bb81fd81c011fbc34a30c3cd55f

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 3550
cf-polished: origSize=244736
last-modified: Tue, 19 Jan 2021 13:19:59 GMT
x-amz-request-id: 8HCZ2M1S2WEJCH4J
x-amz-id-2: b+AVvgL1qjrP8M/QdUXRzxIwZ1b4ZAPsdSmkcXx/6v0y/DiRWlQkNZeg1q8RO+GXUpP8aXKFuPw=
cf-bgj: minify
server: cloudflare
etag: W/"f6a97373759c787174b0a35fa9b0e0fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 07c52011bb0000fa6cec043000000001
cf-ray: 614ecf95fdd6fa6c-AMS
expires: Thu, 21 Jan 2021 08:59:44 GMT

GET
H2 200 paste.co.id.914924.js Show response
jsc.mgid.com/p/a/ 238 KB
65 KB 125ms
78ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52f8bbea1f4d10a35bd29422b296e15d6d86ace05e21e18c798038dc3f50a677

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 3550
cf-polished: origSize=244172
last-modified: Wed, 20 Jan 2021 08:07:55 GMT
x-amz-request-id: 0C5F890725A974A4
x-amz-id-2: 0N6W+HeR3lST901ipTyE9+zb5OFv5gqWMs87O+HpyRqMcdLbNfBI+/nqY/RXYqLEE7xjQNozZpo=
cf-bgj: minify
server: cloudflare
etag: W/"6f12aec052922da0787be9fa9f0c3f60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 07c52011bb0000fa6cab2b6000000001
cf-ray: 614ecf95fdd7fa6c-AMS
expires: Thu, 21 Jan 2021 08:59:44 GMT

GET
H/1.1 403
Forbidden /
www.qrcoder.co.uk/api/v1/ 0
0 665ms
38ms Image
text/html 109.203.125.88
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 109.203.125.88 Salford, United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS: euk-88894.eukservers.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK logo.png
berkas.co/ds1/img/ 4 KB
4 KB 152ms
35ms Image
image/png 173.249.18.21
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://berkas.co/ds1/img/logo.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.249.18.21 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: berkas.co
Software: nginx/1.16.1 / RHZ SECURITY
Resource Hash: 5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
ETag: "e5e-5a81d91e86dc0"
Last-Modified: Mon, 15 Jun 2020 11:17:19 GMT
Server: nginx/1.16.1
X-Powered-By: RHZ SECURITY
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3678

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 10ms
10ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 23184
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 27433
cf-request-id: 07c520111000002c32d12df000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DCuEgNr9aaW5Lo%2FQv7PSDZszXHHu%2BucdKVK7ZCgZGLyOaWduFRXwb5qZESzub4G9QChk8FhpZaYvlLJd27wbcRxQbX6qOiVAJYcehVwvo0NUYsW04lHlJhZB8ta8rVxKvQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 614ecf94ee502c32-FRA
expires: Tue, 11 Jan 2022 05:59:44 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
paste.co.id/js/ 50 KB
50 KB 34ms
34ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Thu, 08 Nov 2018 15:15:02 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 51039

GET
H/1.1 200
OK mdb.min.js Show response
paste.co.id/js/ 204 KB
205 KB 34ms
33ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Tue, 29 Jan 2019 22:15:46 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 209366

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
16 KB 13ms
10ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2253728
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 15668
cf-request-id: 07c520118800002c323c3e3000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hySNrYBr0sQzv7Ia67kbn50qgFXKgRoC3sH%2BqG%2Fud8Fs779HNIDzH%2Br2VrNeV7Cq3byMkLJsBhEyLcS2AeL6Kye%2FU7yhiaDrdybZihm%2F56%2FWOwrK4vloCxXJXFp%2BeciTGw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 614ecf95af802c32-FRA
expires: Tue, 11 Jan 2022 05:59:44 GMT

GET
H/1.1 200
OK ads.js Show response
paste.co.id/js/ 22 B
275 B 36ms
33ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/ads.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: 83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Sat, 14 Mar 2020 00:25:06 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 22

GET
H/1.1 200
OK app.min.js Show response
paste.co.id/js/ 1 KB
2 KB 38ms
35ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/app.min.js?v=1.5
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: 900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Sat, 14 Mar 2020 00:34:12 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1456

GET
H/1.1 200
OK prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
329 KB 40ms
38ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Sat, 24 Nov 2018 17:17:38 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 336289

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6386d56a5db7c9252120e03372cccabea712109bc60d16790ae520e40263c7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39560
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Jan 2021 05:59:44 GMT

GET
H2 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel/ 37 KB
12 KB 817ms
249ms Script
application/javascript 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash: f6cb2c4c9c079acc6d20bb301334911ce189df64c8db2efb2ea1b99df30f206c

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: cache
date: Thu, 21 Jan 2021 05:59:45 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.25
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
expires: Thu, 21 Jan 2021 06:04:45 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 81 KB
23 KB 39ms
19ms Script
application/javascript 2606:4700:20::681a:d76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
timing-allow-origin: *
age: 22031
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 07c52011c00000325039ac6000000001
x-trace-id: 33229296a07558d726391960f237ef78
pragma: no-cache
last-modified: Wed, 20 Jan 2021 13:20:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sT3%2B9rHLVlG57bjH6xlWKfMNy9Mj5ylafUvCBlw3zyhOXH%2BBDs2cBVibL1D7fLm2MjUmjUEiYugXkZ4uPhdIdLjB6ICGfOSyzM4OCMvCx%2FxXoGIRAOAHBwg3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 614ecf95fc543250-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Thu, 21 Jan 2021 23:52:33 GMT

GET
H/1.1 200
OK Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 37ms
37ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Thu, 08 Nov 2018 15:15:02 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 49380

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 22ms
8ms Font
font/woff2 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://paste.co.id
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H/1.1 200
OK Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 40ms
40ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Thu, 08 Nov 2018 15:15:02 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 49236

GET
H/1.1 200
OK Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 36ms
35ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache /
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Last-Modified: Thu, 08 Nov 2018 15:15:02 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 49976

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
3 KB 10ms
10ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 636550
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 2905
cf-request-id: 07c520133c00002c32c2099000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hEkTUPyybNi0dkID9%2B5vRTCQEHGllEQMRNTSx0No%2FrWxmaKim6TKn5M6Fm%2Bu70ZftfMtd4wE0uyuitP%2Fyka7cNOAtsEwf4pbrdr3PKW6W2ScHuvc1Ko1OPi19Qukg0ak5g%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 614ecf985b632c32-FRA
expires: Tue, 11 Jan 2022 05:59:44 GMT

GET
H/1.1 200
OK zone Show response
seeptoag.net/ 716 B
1 KB 21ms
20ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3395f34890f7a118cabaf593ace676cc842da39dc910a64de6a700a6a37e85f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 2b035c932f45340e2845f08a8d92edf0
Date: Thu, 21 Jan 2021 05:59:44 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 716

GET
H/1.1 200
OK universal.min.js Show response
seeptoag.net/pfe/current/ 188 KB
54 KB 80ms
35ms Fetch
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/universal.min.js?v=3.1.281
Requested by: Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jan 2021 05:59:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-2ef30"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK / Show response
bedrapiona.com/5/3724584/ 3 KB
2 KB 81ms
21ms XHR
application/json 139.45.195.82
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3724584/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.195.82 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6b3eaa5469d97186021c59f57f686280442d9f37c9706838f3816b13fb2b7f95

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: f0098b8b643333828965405ab6043510
Pragma: no-cache, no-cache
Date: Thu, 21 Jan 2021 05:59:44 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK get-paste Show response
paste.co.id/ 3 KB
4 KB 2009ms
2008ms XHR
application/json 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/get-paste
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: Apache / PHP/7.3.24
Resource Hash: 9eba1dfe1f84fed6ec0c7b50bdabaffd74ff329520dc329cd08d636b85d3947f

Request headers

Accept: */*
Referer: https://paste.co.id/PQTZNTvCbL
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Thu, 21 Jan 2021 05:59:44 GMT
Server: Apache
X-Powered-By: PHP/7.3.24
X-RateLimit-Remaining: 58
Content-Type: application/json
Cache-Control: no-cache, private
Transfer-Encoding: chunked
X-RateLimit-Limit: 60
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98

GET
H2 200 css
fonts.googleapis.com/ 2 KB
646 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 04:13:20 GMT
server: ESF
date: Thu, 21 Jan 2021 05:59:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jan 2021 05:59:44 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 26ms
25ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 4213
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: Cnwert1GiENoysUfBDXPF2oxBVB7KvQCrQPePrf/gjyjLKV6G2s01OhrGpZe00vVtwDUBpnt1yc=
content-type: image/svg+xml
cf-ray: 614ecf9969f5fa6c-AMS
x-amz-request-id: DCB403D7254D6E85
cf-request-id: 07c52013e00000fa6cf38f5000000001

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cbb5ec97796ace8b312817a4f214cd37c8461856f9ebf5e2475a52cb00471451

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39574
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Jan 2021 05:59:44 GMT

GET
H/1.1 200
OK 3724582 Show response
inpagepush.com/400/ 78 KB
28 KB 27ms
26ms Script
application/javascript 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3724582

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9ed94600f1118c77d5c8d509705462039cded560a4913517afbca5b6920b0bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: ca5618af5be50a72c4ae70f24e7d0a83
Pragma: no-cache
Date: Thu, 21 Jan 2021 05:59:44 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 1 Show response
toglooman.com/ 7 KB
4 KB 83ms
20ms Script
text/javascript 139.45.196.30
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=3724583
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.196.30 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8574d591615c183331795e7a7d13f68014669366908670ea0b29cabe922c18bd

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jan 2021 05:59:45 GMT
Content-Encoding: gzip
X-Sc: G3DcUw1QhOm_SRrmszpfYrHPZq1fIslG9gEGKOd-zfapkyv-LsIpbGYPwmXz8pawpT6ucsxqSPVWU2jY8u0YQredZ7g=
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content fac.php
onmarshtompor.com/ Frame 283B 0
0 79ms
19ms Document
text/html 139.45.196.108
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.108 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: onmarshtompor.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/PQTZNTvCbL
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/PQTZNTvCbL

Response headers

Server: nginx
Date: Thu, 21 Jan 2021 05:59:45 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: bdb8887bd426ab9b61c6a5d45f1e9085
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 20:12:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 553647
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Fri, 14 Jan 2022 20:12:17 GMT

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
2 KB 77ms
72ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=236&p3_w=201&p3_h=189&cols=4&pv=5&cbuster=1611208784999868448397&uniqId=08dfb&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&lu=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&pageView=1&pvid=1772386fc67a4b095e4&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65aedd843259c8952425f29d342411f19c9cd8f9d4956c1a28093834e77dc0c7

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecf9a5b1dfa6c-AMS
cf-request-id: 07c52014720000fa6c99145000000001

GET
H3-Q050 200 css
fonts.googleapis.com/ 22 KB
1 KB 43ms
28ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jan 2021 04:02:01 GMT
server: ESF
date: Thu, 21 Jan 2021 05:59:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jan 2021 05:59:45 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 78ms
78ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=234&p3_w=201&p3_h=189&cols=4&pv=5&cbuster=1611208785090465588273&uniqId=0b97b&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&lu=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&pageView=0&pvid=1772386fcc29b2af068&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 775144e9227bb6dabd93619be2bd4035860f7cbc3f74de37adbd01565941db8d

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecf9adbbbfa6c-AMS
cf-request-id: 07c52014c80000fa6cfeb6d000000001

GET
H/1.1 200
OK 3509488 Show response
inpagepush.com/500/ 2 KB
2 KB 139ms
138ms XHR
application/javascript 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=&oaid=baf91f9d49b543e0bbc541f230ec0793&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7a42637f433656279254fc91082a1398b6544ac1157f3deb938b5bed604045af

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 21 Jan 2021 05:59:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 8f9c3108483c44807c05061ab761a3ed
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3509488
inpagepush.com/500/ Frame 0
0 80ms
19ms Other 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 21 Jan 2021 05:59:45 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 73ms
73ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=255&h=419&p3_w=90&p3_h=177&cols=2&pv=5&cbuster=1611208785107299697317&uniqId=003a9&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&lu=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&pageView=0&pvid=1772386fcd3b84d0b4a&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4cdb4472d6a8be04a0e81dd67b103b0fdf19134592df20be9f145b814a7397d

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecf9afbd9fa6c-AMS
cf-request-id: 07c52014d80000fa6cf800d000000001

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 35ms
20ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 15:35:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 570252
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 14 Jan 2022 15:35:33 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 33ms
21ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 06:19:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 85199
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 20 Jan 2022 06:19:46 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 32ms
20ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 14 Jan 2021 16:12:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 568060
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Fri, 14 Jan 2022 16:12:05 GMT

GET
H2 200 1 Show response
servicer.mgid.com/914924/ 3 KB
1 KB 72ms
71ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/914924/1?w=844&h=250&cols=2&pv=5&cbuster=1611208785161217875736&uniqId=15ebd&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&lu=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&pageView=0&pvid=1772386fd0aa11c512e&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e28cb7cb138dc164989f739ffcbb81145ae30fe4eaa305f9c749d66329d7a25a

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecf9b4c39fa6c-AMS
cf-request-id: 07c520150f0000fa6cfeb71000000001

GET
H/1.1 200
OK aa21ffd5bd79b60231a399dbeece7720 Show response
toglooman.com/27/ 361 KB
119 KB 28ms
28ms Script
application/javascript 139.45.196.30
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/aa21ffd5bd79b60231a399dbeece7720

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=3724583

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.30 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

608804b0adb56d57d8cadd4e0bed1a85d71995b18b7af443e904ab862e067249

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 20 Jan 2021 08:58:38 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: max-age:290304000, public
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Wed, 19 Feb 2081 08:58:38 GMT

GET
H/1.1 200
OK 38 Show response
toglooman.com/42/ 0
722 B 57ms
20ms Script
text/plain 139.45.196.30
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=3724583
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=3724583
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.196.30 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jan 2021 05:59:45 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length: 0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2413
date: Thu, 21 Jan 2021 05:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 21 Jan 2021 07:19:32 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
800 B 82ms
80ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1611208785225286783878
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e54d02bbe8b26e5a94a06e87f7b9b777b82f458db09c8ec42dc1ea016115873

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: db92ec7c-59e9-4473-9d12-a23116521edd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecf9bbcbdfa6c-AMS
cf-request-id: 07c52015510000fa6ce386c000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 1ED3 19 B
313 B 72ms
72ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1611208785230842151444
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3fc45d2d-99e3-4559-be51-0203402a41a5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecf9bbcc3fa6c-AMS
cf-request-id: 07c52015540000fa6c950dc000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp
s-img.mgid.com/g/3805577/492x328/0x25x1024x682/ 34 KB
34 KB 34ms
32ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805577/492x328/0x25x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE.webp?v=1611208785-sSX77_WoQdmpuMuGpl2ufL3z4ZAqxrZ_qwNe2ALRAXI
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 701c2e06ddf5bd1771d0c5a3c75fe2cc0a349a2caa4aecd207ba365ab57c0cb9

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:45 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:24:50 GMT
x-mg-request-uuid: 26e0d469-146a-45a2-97ae-73ce9cb1eb37
age: 6395225
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecf9bccd2fa6c-AMS
content-length: 34518
cf-request-id: 07c520155d0000fa6ce8920000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzE0NjA2MWZlNTI0OTAxZTU1ODZjZGNkYzI2ZTg3OTQ2LmpwZw.webp
s-img.mgid.com/g/4147878/492x328/53x53x1209x806/ 25 KB
25 KB 27ms
25ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4147878/492x328/53x53x1209x806/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0LzE0NjA2MWZlNTI0OTAxZTU1ODZjZGNkYzI2ZTg3OTQ2LmpwZw.webp?v=1611208785-4TTVCIwLojKVM_PvbDJe8Yi4GG6_0_Va4m36HtQ7mlo
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eee2de6c5e8b24ebf478eef350b786bd7dbcb6e1bd97117743ae0160c9612b39

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:45 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 02:31:31 GMT
x-mg-request-uuid: d6bf7de7-e0bb-403b-b4f9-cdddfb4ad42b
age: 6234326
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecf9bcccffa6c-AMS
content-length: 25368
cf-request-id: 07c520155c0000fa6cdf811000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM.webp
s-img.mgid.com/g/3805589/492x328/0x158x799x532/ 13 KB
13 KB 33ms
31ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805589/492x328/0x158x799x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM.webp?v=1611208785-FYrgovsd00nrotdTTjRa694UXEIvkfTdauJEvYr0MKA
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2eba15eb8245896d2083fcffa94c68d1b1a0a292c2235f8ec4f75e867121255

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:45 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:12:57 GMT
x-mg-request-uuid: e6018c61-2521-4698-979c-011d450fe328
age: 6836303
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecf9bccd1fa6c-AMS
content-length: 13220
cf-request-id: 07c520155e0000fa6cf612c000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzFiMmZkMDA2NDA5YWY3OTAyMzRjMzg5MTUyY2M0M2E3LmpwZz90PTE0OTgxNjEzMzk1MjM.webp
s-img.mgid.com/g/3805500/492x328/0x0x649x432/ 43 KB
43 KB 29ms
28ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805500/492x328/0x0x649x432/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzFiMmZkMDA2NDA5YWY3OTAyMzRjMzg5MTUyY2M0M2E3LmpwZz90PTE0OTgxNjEzMzk1MjM.webp?v=1611208785-56khvsswNoBQ86AOAU2mNB7bf_Th-lCAq5fy3rBNr_s
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99667717461573159c787cd17a57f4307b9ec9c9211d6bf82a18ac9733ee7bf2

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:45 GMT
cf-cache-status: HIT
last-modified: Wed, 07 Oct 2020 11:53:57 GMT
x-mg-request-uuid: 9ece34f7-6eae-4668-92e5-8fa638302836
age: 6570951
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecf9bcccefa6c-AMS
content-length: 43610
cf-request-id: 07c520155c0000fa6cb80fc000000001
server: cloudflare

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
100 B 619ms
619ms XHR
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 399ms
209ms Other
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 21 Jan 2021 05:59:45 GMT
server: LiteSpeed

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 210ms
210ms Other
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 21 Jan 2021 05:59:46 GMT
server: LiteSpeed

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
77 B 234ms
234ms XHR
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp
s-img.mgid.com/g/3944304/492x328/0x0x758x505/ 23 KB
24 KB 28ms
27ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944304/492x328/0x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp?v=1611208785-YVNlZthTLtMrRKxOJMzUOWyr23yNeL0dLyslIZ9ypy8
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c617a07b4d70a5989a62e6e2c7e20b5806187205d05eb352c2042c9dd59669

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:22:53 GMT
x-mg-request-uuid: 3b73cb79-ca60-4e5c-8832-e5ef5801d594
age: 6755075
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa2bcfcfa6c-AMS
content-length: 23892
cf-request-id: 07c52019b20000fa6cd4184000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdhNmVmOWZjNDc5MjZkMGI0NDMwYjQ2ZDQ1NjNlZWE2LmpwZWc.webp
s-img.mgid.com/g/3839411/492x328/16x0x600x400/ 10 KB
11 KB 29ms
28ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3839411/492x328/16x0x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdhNmVmOWZjNDc5MjZkMGI0NDMwYjQ2ZDQ1NjNlZWE2LmpwZWc.webp?v=1611208785-c5aIUanLuPByO9Eq1j3N53tbOq6WWrX_EtdERAu2I2c
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c55c42001334a9c471412d88cb6c4be18ccf9bfcf7fb554c7430870e28c98e

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:13:32 GMT
x-mg-request-uuid: 5c70acc7-2e9a-4667-b11a-6591456def08
age: 6837963
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa2bcfffa6c-AMS
content-length: 10610
cf-request-id: 07c52019b20000fa6c95111000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp
s-img.mgid.com/g/4023144/492x328/278x0x828x552/ 16 KB
16 KB 30ms
29ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4023144/492x328/278x0x828x552/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp?v=1611208785-01CoqSzoQ26x_aiZVpmdBg88Hcgc-gSayJm4njKrHRU
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10e74bc65c8669dcae7675a0fcbc5b14e1e0f36fda529eb0603027e04baa4b8f

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:13:33 GMT
x-mg-request-uuid: abd9b49d-0364-4a48-a556-7d236fb31459
age: 6746716
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa2bd01fa6c-AMS
content-length: 15984
cf-request-id: 07c52019b20000fa6cec833000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzUwMGVmNGNjMDY4MWUwMDNhZjg3MDY3NGJlYzliYzFjLmpwZWc.webp
s-img.mgid.com/g/3864267/492x328/0x0x900x600/ 12 KB
12 KB 31ms
30ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3864267/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzUwMGVmNGNjMDY4MWUwMDNhZjg3MDY3NGJlYzliYzFjLmpwZWc.webp?v=1611208785-aBkmDFJ7T8Qeis22NUWnlPYMut26824qBiIYQjeRpsA
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ab352df8e03d431fb3ea5844df665097d62ce99c67376ab3e807ac34fde249

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:14:02 GMT
x-mg-request-uuid: 8e3ff29b-b738-4041-8f17-bbae09b7c62d
age: 6485319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa2bd04fa6c-AMS
content-length: 12100
cf-request-id: 07c52019b30000fa6c9d280000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2MzYTgwOGFlOTJjN2YxZWU5YmY3ZDJkMWRkNTJlMjEwLmpwZw.webp
s-img.mgid.com/g/5097647/492x328/0x133x640x426/ 9 KB
9 KB 29ms
28ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097647/492x328/0x133x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2MzYTgwOGFlOTJjN2YxZWU5YmY3ZDJkMWRkNTJlMjEwLmpwZw.webp?v=1611208785-1SzHyyTFsYuNnD8u9c8V-ds3BAF7uzICIDi8Cx8k9SE
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35be878ccf31f7ce4e9f3dc86b447e07e6c52c09f80e224a065c578cf57f5b64

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:24:47 GMT
x-mg-request-uuid: 42c15b07-8b76-42c4-9b4a-63ba4c7d5354
age: 6661811
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa2dd29fa6c-AMS
content-length: 8952
cf-request-id: 07c52019c20000fa6cf3943000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp
s-img.mgid.com/g/3859212/492x328/0x0x1001x667/ 33 KB
33 KB 31ms
30ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3859212/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp?v=1611208785-njFFbEgrouH1rkdFd2w-HK9D6uAqy3Kn7n2PLyUl-o4
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c1fe535f45c0f4851a9df546d55e3d7f2186147a61983ed0fd3f7899479b95

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:15:10 GMT
x-mg-request-uuid: fd9bbf1e-aa40-49fe-b879-8488b2b188d3
age: 6489954
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa2dd2dfa6c-AMS
content-length: 33544
cf-request-id: 07c52019c30000fa6cec834000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzkyZDEzN2RjNmVlZDZiNGMzNWNlYzI1MjcyYzg0YTY1LmpwZWc.webp
s-img.mgid.com/g/6288121/492x328/0x0x1025x683/ 11 KB
11 KB 53ms
52ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288121/492x328/0x0x1025x683/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzkyZDEzN2RjNmVlZDZiNGMzNWNlYzI1MjcyYzg0YTY1LmpwZWc.webp?v=1611208785-h_t834WhraypKKcHsTwZFOihlOE4Mlri0BP8o6BT-lA
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7572b67376e5f8d61fef4e362599115371f20217f0b3f0de4db24519cfdc8b42

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Oct 2020 08:05:34 GMT
x-mg-request-uuid: 5c4dee52-9be2-4489-88c8-66a9e6a4421a
age: 872109
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa2ed45fa6c-AMS
content-length: 11096
cf-request-id: 07c52019d60000fa6c971a9000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp
s-img.mgid.com/g/6288128/492x328/0x155x900x600/ 7 KB
7 KB 27ms
27ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/492x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp?v=1611208785-y2GKhLQzOBphX8QJub4t_90aJ-yDmm9fsED6hpa_7qE
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c715bab749f2438367b405207f80871f7df7d1d429fed4f6d103344759c8ed

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Wed, 07 Oct 2020 19:06:00 GMT
x-mg-request-uuid: 87441512-5d52-480c-8a17-7f1bcbdad488
age: 873392
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa2ed47fa6c-AMS
content-length: 7490
cf-request-id: 07c52019d20000fa6cd8204000000001
server: cloudflare

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
65 B 43ms
12ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1427206530&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&ul=en-us&de=UTF-8&dt=UFC%20247%3A%20Jones%20vs%20Reyes%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1040831360&gjid=159798469&cid=924599896.1611208786&tid=UA-137362802-1&_gid=590909331.1611208786&_r=1&gtm=2ou1d0&z=697992132

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
26 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1427206530&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&ul=en-us&de=UTF-8&dt=UFC%20247%3A%20Jones%20vs%20Reyes%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=1053111889&gjid=1433735905&cid=924599896.1611208786&tid=UA-174907544-1&_gid=590909331.1611208786&_r=1&gtm=2ou1d0&z=1381215201

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp
s-img.mgid.com/g/3887987/328x328/115x0x800x800/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|ckLWOdItVGX9AsxKcHDeNlnMFdpHPmKy-E84NG6EZkDPOBGsf6L83QhW2oMM8vTj&cid=756446&f=1&h2=eQSu2z1uT5JoYjgdTlNK7I9geXN6CnYy2f3MxA5iwbg*&rid=z3509488zb5920476bcBEcp2ph20210...
https://s-img.mgid.com/g/3887987/328x328/115x0x800x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1611208785-1eMZnk9O8Emsjbdm0B-PZpM6...

7 KB
8 KB

30ms
29ms

Image
image/webp

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3887987/328x328/115x0x800x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1611208785-1eMZnk9O8Emsjbdm0B-PZpM600mqxruQ46hwuZCftSU
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea8e99170d0a22c886a9446f165e3cfaff5e5d7855625668bf0af3c958ddfca4

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:43:10 GMT
x-mg-request-uuid: a2a235df-d6a5-4d96-8337-60f8aebe4033
age: 6658425
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa41f0efa6c-AMS
content-length: 7646
cf-request-id: 07c5201a900000fa6c9d28a000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 71518398-e0f7-4c2f-987d-ab31523f6701
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/3887987/328x328/115x0x800x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1611208785-1eMZnk9O8Emsjbdm0B-PZpM600mqxruQ46hwuZCftSU
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecfa33d9cfa6c-AMS
cf-request-id: 07c5201a010000fa6ce8958000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp
s-img.mgid.com/g/5097644/370x209/98x0x926x617/ 15 KB
16 KB 28ms
27ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097644/370x209/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc.webp?v=1611208785-5lTZXzTcsQ7sqPR4n1rPc8rADOmlMi7H0htUv6aXeGE
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7522233f2c537b24116b932a7685d680bfa5359064d0b8b3c7943b29860f093c

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Mon, 26 Oct 2020 13:43:59 GMT
x-mg-request-uuid: 17f35eb7-3ec9-459f-a449-7b6b97fb3b9f
age: 6743828
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa38e29fa6c-AMS
content-length: 15846
cf-request-id: 07c5201a300000fa6cf6b5e000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp
s-img.mgid.com/g/3859212/370x209/0x0x1001x667/ 14 KB
15 KB 31ms
30ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3859212/370x209/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc.webp?v=1611208785-qd1jnoTlnWwp_olIgT2O_PNG_aO6uGx25OnyhqgSrQE
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48d281bf20a852762421b3f5771785a3d2e160eeea9acde4d804bf72dd3a2b38

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Mon, 26 Oct 2020 13:42:43 GMT
x-mg-request-uuid: ae2aa1ae-6bc2-4e8b-be72-732fc08ce722
age: 6667717
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa38e2afa6c-AMS
content-length: 14756
cf-request-id: 07c5201a310000fa6ce0b46000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzYxZmVkYzMyZGFjOGYwMjBkMjkwYmZmZjUzNGZkMmVmLmpwZWc.webp
s-img.mgid.com/g/3860767/370x209/0x23x1024x682/ 21 KB
21 KB 29ms
28ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3860767/370x209/0x23x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzYxZmVkYzMyZGFjOGYwMjBkMjkwYmZmZjUzNGZkMmVmLmpwZWc.webp?v=1611208785-08uKbhbBQohoX71EYwdTWiQUU_yXSItKmGRvuFUhrD0
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ffe266421439e187050a9c1c196a5557e3362f0237d7288128c5ee08f35c8a

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Mon, 26 Oct 2020 14:00:32 GMT
x-mg-request-uuid: 90617c20-763f-48cd-963f-7bae1a31f950
age: 76068
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa38e2bfa6c-AMS
content-length: 21372
cf-request-id: 07c5201a310000fa6c9918b000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp
s-img.mgid.com/g/3805584/370x209/0x164x2046x1364/ 4 KB
5 KB 28ms
28ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805584/370x209/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp?v=1611208785-G3Ny7WAQjdUrTPMphD9QzCOu_tua6a3nR9JKBIu4zVU
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c3f40d07f8f57e3ccbd37043b2e31533f0a9e1cb4066c533a469302e71036bb

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: HIT
last-modified: Sun, 01 Nov 2020 19:43:34 GMT
x-mg-request-uuid: 7d3a5dae-24ac-40ba-afa8-badf7ef096f6
age: 872537
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfa38e2cfa6c-AMS
content-length: 4588
cf-request-id: 07c5201a310000fa6cf394a000000001
server: cloudflare

OPTIONS
H/1.1 204
No Content 9
toglooman.com/ Frame 0
0 78ms
19ms Other 139.45.196.30
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=2&ist=0
Protocol: HTTP/1.1
Server: 139.45.196.30 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 21 Jan 2021 05:59:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
33 KB 38ms
16ms Script
application/javascript 2606:4700:20::681a:97b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/aa21ffd5bd79b60231a399dbeece7720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 1452
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t9TYNamqvVJjN5GX4fNhPMI1IAifK5qZQk7Ik4sMmuwyi33dt3mni39MNbTMMpTD4LCNSQmvN7qbfQAsp0J1zkk46rVXFL9P3Daest5HpRvlL6psQG4K2ViqztUJABVo"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 614ecfa409f64a97-FRA
cf-request-id: 07c5201a8a00004a97f991a000000001

POST
H/1.1 204
No Content 9 Show response
toglooman.com/ 0
768 B 23ms
22ms XHR
application/javascript 139.45.196.30
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=2&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/aa21ffd5bd79b60231a399dbeece7720
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.196.30 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Thu, 21 Jan 2021 05:59:46 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-137362802-1&cid=924599896.1611208786&jid=1040831360&gjid=159798469&_gid=590909331.1611208786&_u=IEBAAUAAAAAAAC~&z=224214646

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 21 Jan 2021 05:59:46 GMT
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame E832
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

79ms
25ms

Document
text/html

104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1611208785225286783878
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/PQTZNTvCbL
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/PQTZNTvCbL

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Jan 2021 05:59:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Thu, 21 Jan 2021 05:59:46 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDBrSlc4bmY3TVhs&muidn=l0kJW8nf7MXl
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDBrSlc4bmY3TVhs&muidn=l0kJW8nf7MXl&google_tc=
https://cm.mgid.com/google?muidn=l0kJW8nf7MXl&google_ula={guid},5&google_gid=CAESEN_BaYlsMMPzWvk4VHXLN2Q&google_cver=1

0
253 B

80ms
80ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l0kJW8nf7MXl&google_ula={guid},5&google_gid=CAESEN_BaYlsMMPzWvk4VHXLN2Q&google_cver=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecfa5685efa6c-AMS
cf-request-id: 07c5201b650000fa6ce38b7000000001

Redirect headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l0kJW8nf7MXl&google_ula={guid},5&google_gid=CAESEN_BaYlsMMPzWvk4VHXLN2Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=5a6a2f84-4946-40d1-a71e-26c933ab5c95&ttl=1613800786

43 B
290 B

71ms
71ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=5a6a2f84-4946-40d1-a71e-26c933ab5c95&ttl=1613800786
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3d1f5f70-1b9f-45c1-9a83-92a9a97300f0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecfa5281efa6c-AMS
cf-request-id: 07c5201b3b0000fa6cd8212000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=5a6a2f84-4946-40d1-a71e-26c933ab5c95&ttl=1613800786
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=af0cbafa-411e-4f44-990e-d3b700d8fe4b
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=af0cbafa-411e-4f44-990e-d3b700d8fe4b
https://cm.mgid.com/m?cdsp=433145&c=af0cbafa-411e-4f44-990e-d3b700d8fe4b&gdpr=&gdpr_consent=&us_privacy=

43 B
623 B

72ms
72ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=af0cbafa-411e-4f44-990e-d3b700d8fe4b&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:47 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 90154511-afd7-4163-b8d9-5c7fcaaeb7f0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecfa70a71fa6c-AMS
cf-request-id: 07c5201c660000fa6cd6079000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=af0cbafa-411e-4f44-990e-d3b700d8fe4b&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 21 Jan 2021 05:59:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

RX-44c9734a-7d9e-47b8-be6a-52269f5487b9-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l0kJW8nf7MXl
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l0kJW8nf7MXl
https://sync.1rx.io/usersync/bidswitch/af0cbafa-411e-4f44-990e-d3b700d8fe4b?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/af0cbafa-411e-4f44-990e-d3b700d8fe4b?zcc=1&dspret=0&cb=1611208786798
https://sync.targeting.unrulymedia.com/csync/RX-44c9734a-7d9e-47b8-be6a-52269f5487b9-003

43 B
452 B

97ms
20ms

Image
image/gif

213.19.147.150
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-44c9734a-7d9e-47b8-be6a-52269f5487b9-003
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.150 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:47 GMT
Server: Tengine
Connection: keep-alive
Content-Length: 43
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jan 2021 05:59:46 GMT
Server: Tengine
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://sync.targeting.unrulymedia.com/csync/RX-44c9734a-7d9e-47b8-be6a-52269f5487b9-003
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 152ms
67ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l0kJW8nf7MXl
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 614ecfa4ba1d0b43-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 07c5201af000000b4380255000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=S5JDvS0gvANUkCElvs1P&pi=mgid&tc=1

43 B
298 B

71ms
71ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=S5JDvS0gvANUkCElvs1P&pi=mgid&tc=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: cc59d416-44e9-4a9f-87be-ed4ff95f13a0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecfa4ffeafa6c-AMS
cf-request-id: 07c5201b1d0000fa6cf3954000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=S5JDvS0gvANUkCElvs1P&pi=mgid&tc=1
pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT, Thu, 21 Jan 2021 05:59:46 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
558 B 164ms
79ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l0kJW8nf7MXl
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 614ecfa4bb381ece-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 07c5201af100001ece8317d000000001

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-137362802-1&cid=924599896.1611208786&jid=1040831360&_u=IEBAAUAAAAAAAC~&z=454334783

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-137362802-1&cid=924599896.1611208786&jid=1040831360&_u=IEBAAUAAAAAAAC~&z=454334783

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 19ms
19ms Other
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 21 Jan 2021 05:59:46 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 46ms
46ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 1564af2212be5a7b7ef0148e5d183bfa
Date: Thu, 21 Jan 2021 05:59:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
769 B 111ms
22ms Fetch
application/json 139.45.197.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=403bfd8160f3495ea73242aec62d8a2a&zoneId=3534037&checkDuplicate=true&ymid=&var=

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.8 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

366574acfbb6c45f0fa3b734fc1931c3189c41afc0160bb3be298f9156bcaf78

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 21 Jan 2021 05:59:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H3-Q050 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 45ms
30ms Image
image/png 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Thu, 21 Jan 2021 05:59:46 GMT

GET
H3-Q050 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 47ms
30ms Image
image/png 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Thu, 21 Jan 2021 05:59:46 GMT

GET
H3-Q050 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
14 KB 43ms
27ms Image
image/png 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Thu, 21 Jan 2021 05:59:46 GMT

GET
H3-Q050 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 44ms
28ms Image
image/png 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Thu, 21 Jan 2021 05:59:46 GMT

GET
H3-Q050 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 44ms
29ms Image
image/png 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Thu, 21 Jan 2021 05:59:46 GMT

GET
H/1.1 200
OK defaultSkin.min.js Show response
seeptoag.net/pfe/current/ 56 KB
19 KB 24ms
24ms Fetch
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 21 Jan 2021 05:59:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame E9B9 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 19ms
18ms Other
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 21 Jan 2021 05:59:46 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 51ms
51ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 1a316d21bb4b8c5eae6f075ce90c1ffa
Date: Thu, 21 Jan 2021 05:59:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 19ms
19ms Other
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 21 Jan 2021 05:59:47 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 21ms
21ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/PQTZNTvCbL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: ac291122e9cca266f839941bf321b6fc
Date: Thu, 21 Jan 2021 05:59:47 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H2 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 624ms
238ms Other
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H2
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 21 Jan 2021 05:59:47 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
102 B 1696ms
289ms XHR
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:49 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 c
c.mgid.com/ 43 B
233 B 81ms
81ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=202|219|8|fOdZpgku58nGuA3N9b7swC2f9zhutoClbHMVDuLVXv80RtW3bMg_Jn_4a2ueooLJ&fw=1&extjs=66044&v=202|219|8|fOdZpgku58nGuA3N9b7swBQuzs1y9Qz_mz--5t8u311bHiKH_dc4eGU5eYwUE0vT&v=202|219|8|fOdZpgku58nGuA3N9b7swA4QTN-4QHXQ_WvkMtnYg9naeA6Lf6-3tRvY5m0oMIRP&v=202|219|40|fOdZpgku58nGuA3N9b7swCatUVUbW-7JA7WvWUtuV3m0uhH_cEGXjpMsKIe8N662&cid=997452&h2=eQSu2z1uT5JoYjgdTlNK7I9geXN6CnYy2f3MxA5iwbg*&rid=dc6aae75-5bad-11eb-a9d6-d094662c24f7&tt=Direct&iv=11&pageImp=1&muid=l0kJW8nf7MXl&cbuster=1611208787619245927665&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:47 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 67f3d870-10ba-45ed-adcf-cdd0d720248d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecfaaaf3bfa6c-AMS
cf-request-id: 07c5201ea90000fa6cad1b7000000001
server: cloudflare

GET
H2 200 c
c.mgid.com/ 43 B
153 B 82ms
81ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=90|213|24|fOdZpgku58nGuA3N9b7swFCEUwML50FBbqXSMzGfunjmBNhdxtQvifewoUMFfeeQ&fw=1&extjs=66044&v=90|213|24|fOdZpgku58nGuA3N9b7swBIBhbiA5CLe0rwPDynVRqL7x76NQi_Gm6rsYhKrMJth&cid=997452&h2=eQSu2z1uT5JoYjgdTlNK7I9geXN6CnYy2f3MxA5iwbg*&rid=dc7a137a-5bad-11eb-aca4-d09466576dad&tt=Direct&iv=11&pageImp=0&muid=l0kJW8nf7MXl&cbuster=1611208787626423139224&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:47 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5eb4b598-1b68-437c-9cff-cb232505f8cd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecfaabf44fa6c-AMS
cf-request-id: 07c5201eb10000fa6c00bf6000000001
server: cloudflare

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 67ms
19ms Other 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 21 Jan 2021 05:59:47 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
398 B 78ms
38ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Thu, 21 Jan 2021 05:59:48 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 255ms
255ms Other
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 21 Jan 2021 05:59:48 GMT
server: LiteSpeed

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
101 B 258ms
228ms XHR
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:48 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK dbHOsZWFfoCqfoZwVeaSja6rxLLNBsCLFo0fxsGqAJ-jxQDsUADmZHriboesUzxOyYSmLN09pVCtUjJVC8dCpxSS8or5DsPKYjcJ5Cts5nFtX5wCCK5NE-Xdog1t1T_NqO_GxQi543R-F2SqYhS-i_IN1-NoY1zlPTFW4KRI9t0woa0CIe5AW61AFvTxv2HkCQopv...
onstunkyr.com/impression/ 43 B
482 B 86ms
21ms Image
image/gif 139.45.195.57
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/dbHOsZWFfoCqfoZwVeaSja6rxLLNBsCLFo0fxsGqAJ-jxQDsUADmZHriboesUzxOyYSmLN09pVCtUjJVC8dCpxSS8or5DsPKYjcJ5Cts5nFtX5wCCK5NE-Xdog1t1T_NqO_GxQi543R-F2SqYhS-i_IN1-NoY1zlPTFW4KRI9t0woa0CIe5AW61AFvTxv2HkCQopvEeqLuGsbAsFjzno9czh6Anxli9y5pq0Y826_vQlnjJC?z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.57 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 7f41dcf48b2acdbd8c70bd19cdd6c726
Pragma: no-cache
Date: Thu, 21 Jan 2021 05:59:54 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp
s-img.mgid.com/g/3887987/328x328/115x0x800x800/ Frame DA1C
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|ckLWOdItVGX9AsxKcHDeNlnMFdpHPmKy-E84NG6EZkDPOBGsf6L83QhW2oMM8vTj&cid=756446&f=1&h2=eQSu2z1uT5JoYjgdTlNK7I9geXN6CnYy2f3MxA5iwbg*&rid=z3509488zb5920476bcBEcp2ph20210...
https://s-img.mgid.com/g/3887987/328x328/115x0x800x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1611208785-1eMZnk9O8Emsjbdm0B-PZpM6...

7 KB
8 KB

36ms
36ms

Image
image/webp

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3887987/328x328/115x0x800x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1611208785-1eMZnk9O8Emsjbdm0B-PZpM600mqxruQ46hwuZCftSU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea8e99170d0a22c886a9446f165e3cfaff5e5d7855625668bf0af3c958ddfca4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:54 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:43:10 GMT
x-mg-request-uuid: a2a235df-d6a5-4d96-8337-60f8aebe4033
age: 6658433
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 614ecfd80e50fa6c-AMS
content-length: 7646
cf-request-id: 07c5203b0a0000fa6cbe3d7000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:54 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 03d02637-f5e5-4227-9a42-33de2ead51b7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/3887987/328x328/115x0x800x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1611208785-1eMZnk9O8Emsjbdm0B-PZpM600mqxruQ46hwuZCftSU
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 614ecfd79dbffa6c-AMS
cf-request-id: 07c5203ac10000fa6ca6263000000001
server: cloudflare

GET
H/1.1 200
OK 3509488 Show response
inpagepush.com/500/ 1005 B
2 KB 128ms
89ms XHR
application/javascript 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=5920476&oaid=baf91f9d49b543e0bbc541f230ec0793&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fpaste.co.id%2FPQTZNTvCbL&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

57d7bed772236c964620ed4006e8b0a23d6132268c017615f78c489c5ad495d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 21 Jan 2021 05:59:55 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 1005
X-Trace-Id: a73bdd94f72e26b54f727e3e078eb363
Pragma: no-cache
Server: nginx
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3509488
inpagepush.com/500/ Frame 0
0 103ms
19ms Other 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 21 Jan 2021 05:59:55 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2 200 0276441336168.png
littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/ 6 KB
7 KB 23ms
10ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 05:59:55 GMT
cf-cache-status: HIT
age: 4461
content-length: 6498
cf-request-id: 07c5203c5c0000062d5997c000000001
last-modified: Fri, 07 Feb 2020 15:37:35 GMT
server: cloudflare
etag: "5e3d843f-1962"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 614ecfda28a9062d-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

POST
H2 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
85 B 262ms
262ms XHR
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:55 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 207ms
207ms Other
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H2
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 21 Jan 2021 05:59:55 GMT
server: LiteSpeed

POST
H2 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
109 B 241ms
240ms XHR
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:56 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 211ms
210ms Other
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H2
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 21 Jan 2021 05:59:56 GMT
server: LiteSpeed

POST
H2 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
110 B 239ms
239ms XHR
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:57 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 254ms
253ms Other
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H2
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 21 Jan 2021 05:59:57 GMT
server: LiteSpeed

POST
H2 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
110 B 242ms
242ms XHR
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/PQTZNTvCbL
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 21 Jan 2021 05:59:58 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 231ms
231ms Other
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H2
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 21 Jan 2021 05:59:58 GMT
server: LiteSpeed

POST nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ 0
0

OPTIONS
H2 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 204ms
203ms Other
text/html 180.131.147.94
DNS Filtering Pro...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H2
Server: 180.131.147.94 , Indonesia, ASN45719 (NAWALA-AS-ID Nawala Project - DNS Filtering Project, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 21 Jan 2021 05:59:59 GMT
server: LiteSpeed

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: arnalyze.net
URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js(Line 1) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ams.creativecdn.com
arnalyze.net
bedrapiona.com
berkas.co
bidswitch-eu.splicky.com
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
iclickcdn.com
inpagepush.com
jsc.mgid.com
littlecdn.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
my.rtmark.net
o.wowreality.info
onmarshtompor.com
onstunkyr.com
paste.co.id
s-img.mgid.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
static.lalaping.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
toglooman.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.qrcoder.co.uk
x.bidswitch.net
arnalyze.net
104.108.50.124
104.16.221.74
104.19.133.78
104.19.216.61
109.203.125.88
139.45.195.254
139.45.195.57
139.45.195.82
139.45.196.108
139.45.196.209
139.45.196.30
139.45.196.72
139.45.197.8
172.217.16.162
173.249.18.21
18.195.193.185
180.131.147.94
184.24.15.122
185.184.8.30
2001:4de0:ac19::1:b:2a
213.19.147.150
2606:4700:10::6816:1974
2606:4700:20::681a:97b
2606:4700:20::681a:d76
2606:4700::6810:135e
2a00:1450:4001:800::200e
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:815::200e
2a00:1450:4001:816::2008
2a00:1450:4001:818::2008
2a00:1450:4001:821::200a
2a00:1450:400c:c08::9b
5.189.137.168
54.228.21.183
94.130.12.122
008d5a9d53c757fadb7b3858ecdaa1f288bf20f9cb8baddc0a4d7babb2169369
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10e74bc65c8669dcae7675a0fcbc5b14e1e0f36fda529eb0603027e04baa4b8f
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3395f34890f7a118cabaf593ace676cc842da39dc910a64de6a700a6a37e85f8
35be878ccf31f7ce4e9f3dc86b447e07e6c52c09f80e224a065c578cf57f5b64
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
366574acfbb6c45f0fa3b734fc1931c3189c41afc0160bb3be298f9156bcaf78
3e54d02bbe8b26e5a94a06e87f7b9b777b82f458db09c8ec42dc1ea016115873
3f55d8fabc2e02c2cff7ae8cba38b6a2c2fb220567de09b0450c290bf89fbb3f
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
48d281bf20a852762421b3f5771785a3d2e160eeea9acde4d804bf72dd3a2b38
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52f8bbea1f4d10a35bd29422b296e15d6d86ace05e21e18c798038dc3f50a677
532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
57d7bed772236c964620ed4006e8b0a23d6132268c017615f78c489c5ad495d7
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09
608804b0adb56d57d8cadd4e0bed1a85d71995b18b7af443e904ab862e067249
6386d56a5db7c9252120e03372cccabea712109bc60d16790ae520e40263c7c0
65aedd843259c8952425f29d342411f19c9cd8f9d4956c1a28093834e77dc0c7
6b3eaa5469d97186021c59f57f686280442d9f37c9706838f3816b13fb2b7f95
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c3f40d07f8f57e3ccbd37043b2e31533f0a9e1cb4066c533a469302e71036bb
6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160
701c2e06ddf5bd1771d0c5a3c75fe2cc0a349a2caa4aecd207ba365ab57c0cb9
72ffe266421439e187050a9c1c196a5557e3362f0237d7288128c5ee08f35c8a
7522233f2c537b24116b932a7685d680bfa5359064d0b8b3c7943b29860f093c
7572b67376e5f8d61fef4e362599115371f20217f0b3f0de4db24519cfdc8b42
775144e9227bb6dabd93619be2bd4035860f7cbc3f74de37adbd01565941db8d
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a42637f433656279254fc91082a1398b6544ac1157f3deb938b5bed604045af
80c617a07b4d70a5989a62e6e2c7e20b5806187205d05eb352c2042c9dd59669
81c1fe535f45c0f4851a9df546d55e3d7f2186147a61983ed0fd3f7899479b95
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
8574d591615c183331795e7a7d13f68014669366908670ea0b29cabe922c18bd
89c715bab749f2438367b405207f80871f7df7d1d429fed4f6d103344759c8ed
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
99667717461573159c787cd17a57f4307b9ec9c9211d6bf82a18ac9733ee7bf2
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
9eba1dfe1f84fed6ec0c7b50bdabaffd74ff329520dc329cd08d636b85d3947f
9ed94600f1118c77d5c8d509705462039cded560a4913517afbca5b6920b0bce
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b3c55c42001334a9c471412d88cb6c4be18ccf9bfcf7fb554c7430870e28c98e
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c4cdb4472d6a8be04a0e81dd67b103b0fdf19134592df20be9f145b814a7397d
c9625041c8a7a1e053e36d006f0613dfb5ea0bb81fd81c011fbc34a30c3cd55f
cbb5ec97796ace8b312817a4f214cd37c8461856f9ebf5e2475a52cb00471451
cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddb9b800b28662d6f0db9e719891851fa3cb9c877161758fb5fe3cf0195bf03e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e28cb7cb138dc164989f739ffcbb81145ae30fe4eaa305f9c749d66329d7a25a
e2ab352df8e03d431fb3ea5844df665097d62ce99c67376ab3e807ac34fde249
e2eba15eb8245896d2083fcffa94c68d1b1a0a292c2235f8ec4f75e867121255
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ea8e99170d0a22c886a9446f165e3cfaff5e5d7855625668bf0af3c958ddfca4
eee2de6c5e8b24ebf478eef350b786bd7dbcb6e1bd97117743ae0160c9612b39
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6cb2c4c9c079acc6d20bb301334911ce189df64c8db2efb2ea1b99df30f206c
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

paste.co.id Open in urlscan Pro 5.189.137.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

129 Requests

99 %HTTPS

44 %IPv6

34 Domains

42 Subdomains

35 IPs

9 Countries

2319 kBTransfer

3646 kBSize

0 Cookies

58 Outgoing links

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

99 %
HTTPS

44 %
IPv6

34
Domains

42
Subdomains

35
IPs

9
Countries

2319 kB
Transfer

3646 kB
Size

0
Cookies

129 HTTP transactions
3 data transactions