paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

URL:
https://paste.co.id/OoDWFPYnpD
Submission: On July 27 via manual (July 27th 2021, 6:26:40 am UTC) from RO

Summary HTTP 137 Redirects Links 59 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 39 domains to perform 137 HTTP transactions. The main IP is 5.189.137.168, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is paste.co.id.
TLS certificate: Issued by R3 on June 22nd 2021. Valid for: 3 months.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	5.189.137.168 5.189.137.168	51167 (CONTABO) (CONTABO)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
10	139.45.196.145 139.45.196.145	9002 (RETN-AS) (RETN-AS)
19	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.203.125.88 109.203.125.88	31727 (NODE4-AS) (NODE4-AS)
3	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4b09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	139.45.196.136 139.45.196.136	9002 (RETN-AS) (RETN-AS)
6	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
2	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2 5	13.224.111.48 13.224.111.48	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:97b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
9	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	109.206.188.82 109.206.188.82	50245 (SERVEREL-AS) (SERVEREL-AS)
3 9	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
5 5	35.157.197.70 35.157.197.70	16509 (AMAZON-02) (AMAZON-02)
2 3	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	139.45.197.156 139.45.197.156	9002 (RETN-AS) (RETN-AS)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
137	38

16 5.189.137.168 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi465240.contaboserver.net

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dozubatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.145 (United Kingdom)

ASN9002 (RETN-AS, GB)

seeptoag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.125.88 (United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: server.switchtowood.co.uk

www.qrcoder.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b09 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.136 (United Kingdom)

ASN9002 (RETN-AS, GB)

pseepsie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
itgiblean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.111.48 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-48.mad50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:97b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.188.82 (Netherlands) 1 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.188.82.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.197.70 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-197-70.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.156 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	229 KB
16	paste.co.id paste.co.id	416 KB
13	rubiconproject.com 5 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com pixel-eu.rubiconproject.com	17 KB
10	seeptoag.net seeptoag.net	65 KB
9	google.com adservice.google.com www.google.com	36 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net	12 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	175 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	3 KB
5	toglooman.com toglooman.com	124 KB
5	inpagepush.com inpagepush.com	32 KB
4	cloudflare.com cdnjs.cloudflare.com	49 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	rtmark.net my.rtmark.net	2 KB
3	google.de adservice.google.de www.google.de	1 KB
3	pseepsie.com pseepsie.com	45 KB
2	wowreality.info o.wowreality.info	398 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	630 B
2	yahoo.com 1 redirects pr-bh.ybp.yahoo.com ads.yahoo.com	1 KB
2	cdnativepush.com static.cdnativepush.com	7 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	onmarshtompor.com onmarshtompor.com	2 KB
2	googletagmanager.com www.googletagmanager.com	79 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	84 KB
1	itgiblean.com itgiblean.com	325 B
1	mathtag.com 1 redirects sync.mathtag.com	611 B
1	rlcdn.com id.rlcdn.com	66 B
1	lentainform.com cm.lentainform.com	496 B
1	idealmedia.io cm.idealmedia.io	414 B
1	e-volution.ai 1 redirects sync.e-volution.ai	463 B
1	lalaping.com static.lalaping.com	34 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	657 B
1	dozubatan.com dozubatan.com	30 KB
1	bedrapiona.com bedrapiona.com	2 KB
1	iclickcdn.com iclickcdn.com	22 KB
1	qrcoder.co.uk www.qrcoder.co.uk
137	39

	Domain	Requested by
16	paste.co.id	paste.co.id cdnjs.cloudflare.com
10	s-img.mgid.com	paste.co.id
10	seeptoag.net	paste.co.id seeptoag.net
8	cm.mgid.com	jsc.mgid.com paste.co.id eus.rubiconproject.com
7	www.google.com	paste.co.id tpc.googlesyndication.com
5	x.bidswitch.net	5 redirects
5	pixel.rubiconproject.com	paste.co.id eus.rubiconproject.com
5	sb.scorecardresearch.com	2 redirects jsc.mgid.com paste.co.id
5	toglooman.com	iclickcdn.com toglooman.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	inpagepush.com	paste.co.id inpagepush.com
5	pagead2.googlesyndication.com	paste.co.id pagead2.googlesyndication.com tpc.googlesyndication.com
4	token.rubiconproject.com	3 redirects eus.rubiconproject.com
4	c.mgid.com	jsc.mgid.com
4	cdnjs.cloudflare.com	paste.co.id
3	match.adsrvr.org	2 redirects eus.rubiconproject.com
3	cm.g.doubleclick.net	2 redirects eus.rubiconproject.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	my.rtmark.net	onmarshtompor.com inpagepush.com paste.co.id
3	servicer.mgid.com	jsc.mgid.com
3	pseepsie.com	iclickcdn.com pseepsie.com
2	o.wowreality.info	static.lalaping.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	sync-tm.everesttech.net	2 redirects
2	static.cdnativepush.com	paste.co.id inpagepush.com
2	ads.betweendigital.com	2 redirects
2	creativecdn.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdn.mgid.com	paste.co.id
2	onmarshtompor.com	iclickcdn.com
2	www.googletagmanager.com	paste.co.id www.googletagmanager.com
2	maxcdn.bootstrapcdn.com	paste.co.id maxcdn.bootstrapcdn.com
1	itgiblean.com
1	ads.yahoo.com	eus.rubiconproject.com
1	sync.mathtag.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	id.rlcdn.com	eus.rubiconproject.com
1	pixel-eu.rubiconproject.com	1 redirects
1	www.google.de	paste.co.id
1	stats.g.doubleclick.net	www.google-analytics.com
1	cm.lentainform.com	paste.co.id
1	cm.idealmedia.io	paste.co.id
1	sync.e-volution.ai	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	static.lalaping.com	toglooman.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	dozubatan.com	iclickcdn.com
1	bedrapiona.com	iclickcdn.com
1	iclickcdn.com	paste.co.id
1	www.qrcoder.co.uk	paste.co.id
1	jsc.mgid.com	paste.co.id
137	54

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
collaborate.amcp.org
connect.ecdan.org

Subject Issuer	Validity	Valid
paste.co.id R3	`2021-06-22` - `2021-09-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
inpagepush.com R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
seeptoag.net R3	`2021-05-23` - `2021-08-21`	3 months	crt.sh
qrcoder.co.uk cPanel, Inc. Certification Authority	`2021-05-29` - `2021-08-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
bedrapiona.com R3	`2021-06-04` - `2021-09-02`	3 months	crt.sh
dozubatan.com R3	`2021-05-17` - `2021-08-15`	3 months	crt.sh
pseepsie.com R3	`2021-05-28` - `2021-08-26`	3 months	crt.sh
toglooman.com R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
onmarshtompor.com R3	`2021-06-05` - `2021-09-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
cdnativepush.com R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-07-08` - `2021-08-25`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
wowreality.info R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
itgiblean.com R3	`2021-05-17` - `2021-08-15`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://paste.co.id/OoDWFPYnpD
Frame ID: E932BE72D5176385E37A64E9C24C4DA0
Requests: 107 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210722/r20190131/zrt_lookup.html
Frame ID: 94BF1F438DA5406573D0A6CC5EB89B87
Requests: 1 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=2d482b09776741bc983dbf074e2de088&oaidts=1627367181
Frame ID: 81078AB521582C0DE734F1D2799AB4DF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1627367182&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367181697&bpp=5&bdt=558&idt=540&shv=r20210722&ptt=9&saldr=aa&abxe=1&nras=1&correlator=828915762694&frm=20&pv=2&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=557
Frame ID: 204B220D80639B2379AA0FF6FCA00FED
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1627367182455207422892
Frame ID: 32D77DE8C0785865E07BAACA45545FB5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1627367182&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367182569&bpp=2&bdt=1430&idt=-M&shv=r20210722&ptt=9&saldr=aa&abxe=1&cookie=ID%3D557ff34c68c3c34d-22c59ba678c9007f%3AT%3D1627367182%3ART%3D1627367182%3AS%3DALNI_MZ8_rXL1qqtvnD-Nh0uXH7YrRRzGg&prev_fmts=0x0&nras=2&correlator=828915762694&frm=20&pv=1&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6ZKu7dfhVy&p=https%3A//paste.co.id&dtd=17
Frame ID: 0C9D532DA3A8E76BB4B6AFB7D92CEFCE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1627367182&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367182569&bpp=1&bdt=1430&idt=-M&shv=r20210722&ptt=9&saldr=aa&abxe=1&cookie=ID%3D557ff34c68c3c34d-22c59ba678c9007f%3AT%3D1627367182%3ART%3D1627367182%3AS%3DALNI_MZ8_rXL1qqtvnD-Nh0uXH7YrRRzGg&prev_fmts=0x0%2C1200x280&nras=3&correlator=828915762694&frm=20&pv=1&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zK3hfcN8BQ&p=https%3A//paste.co.id&dtd=21
Frame ID: 86E8C2182B91672E393C247AB93BE9AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1627367182&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367182569&bpp=1&bdt=1430&idt=2&shv=r20210722&ptt=9&saldr=aa&abxe=1&cookie=ID%3D557ff34c68c3c34d-22c59ba678c9007f%3AT%3D1627367182%3ART%3D1627367182%3AS%3DALNI_MZ8_rXL1qqtvnD-Nh0uXH7YrRRzGg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=828915762694&frm=20&pv=1&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=npRCRpbWWw&p=https%3A//paste.co.id&dtd=25
Frame ID: 8A6BE42D242908DBC859E9BF84E4EEB1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: C7627E5FCE9D1FE9E9E1F8EBCDAC844B
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: 63B19A4500DE62EE84C8AEE1554ABC7B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 40B494A796F68CD8831D5F99F32F6B00
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FDCA905D3F293AB534DBC29489363E7F
Requests: 1 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Frame ID: FA491CA450332E6EF731EA6F92660390
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

137
Requests

100 %
HTTPS

35 %
IPv6

39
Domains

54
Subdomains

38
IPs

7
Countries

1512 kB
Transfer

3791 kB
Size

16
Cookies

59 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997452
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164888/i/57333099/0/pp/1/1?h=LB5zgMKgOzI0GUp9h2qzxmfxIohKgTQapH5U-J0tRKwpObhIl8z0D6uAewuBPeXQ&rid=8fb843ae-eea3-11eb-a8db-d094662c1c35&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164909/i/57333099/0/pp/2/1?h=LB5zgMKgOzI0GUp9h2qzxnyVa3Js0Lr6R_JXvaX1tv1c-YSIWGwLMkmwQq73zV7s&rid=8fb843ae-eea3-11eb-a8db-d094662c1c35&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164883/i/57333099/0/pp/3/1?h=LB5zgMKgOzI0GUp9h2qzxk9f3wghoXbn9g3DfseEzMqdq86vTI2x15hzt0Vm4fLR&rid=8fb843ae-eea3-11eb-a8db-d094662c1c35&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193518/i/57333099/0/pp/4/1?h=LB5zgMKgOzI0GUp9h2qzxh7atdMgHrmjbNBx4PYjYgpn5wrN4KBHZwMfjcMa6MH4&rid=8fb843ae-eea3-11eb-a8db-d094662c1c35&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/network/members/profile?UserKey=eeb2377a-c013-4c59-bed6-0ca40e387253
Title: https://collaborate.amcp.org/network/members/profile?UserKey=eeb2377a-c013-4c59-bed6-0ca40e387253

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/verpelis-viejos-2021-pelicula-online-gratis-1080p
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/verpelis-viejos-2021-pelicula-online-gratis-1080p

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/repelis-viejos-2021-pelicula-completa-en-espanol-l
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/repelis-viejos-2021-pelicula-completa-en-espanol-l

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/pelis-hd-viejos-2021-pelicula-completa-online-espa
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/pelis-hd-viejos-2021-pelicula-completa-online-espa

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/ver-viejos-old-2021-pelicula-completa-online-espan
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/ver-viejos-old-2021-pelicula-completa-online-espan

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-jungle-cruise-2021-online-movie-fu
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-jungle-cruise-2021-online-movie-fu

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/watch-hd-jungle-cruise-2021-full-movie-online-free
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/watch-hd-jungle-cruise-2021-full-movie-online-free

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-jungle-cruise-2021-hd-online-full
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-jungle-cruise-2021-hd-online-full

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/watch-full-jungle-cruise-2021-hd-movie-online-free
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/watch-full-jungle-cruise-2021-hd-movie-online-free

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-stillwater-2021-online-movie-full
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-stillwater-2021-online-movie-full

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/watch-hd-stillwater-2021-full-movie-online-free
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/watch-hd-stillwater-2021-full-movie-online-free

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-stillwater-2021-hd-online-full-fre
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-stillwater-2021-hd-online-full-fre

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-old-2021-hd-online-full-free-downl
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-old-2021-hd-online-full-free-downl

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-old-2021-online-movie-full-free-su
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-old-2021-online-movie-full-free-su

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/watchfree-old-2021-full-movie-online-hd-1080p
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/watchfree-old-2021-full-movie-online-hd-1080p

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-black-widow-2021-hd-full-movie-onl
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/123movies-watch-black-widow-2021-hd-full-movie-onl

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/watch-hd-black-widow-2021-full-movie-online-free
Title: https://collaborate.amcp.org/blogs/verpelis-viejos-2021-pelicula-completa/2021/07/27/watch-hd-black-widow-2021-full-movie-online-free

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/verpelis-viejos-2021-pelicula-online-gratis-1080p
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/verpelis-viejos-2021-pelicula-online-gratis-1080p

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/repelis-viejos-2021-pelicula-completa-en-espanol
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/repelis-viejos-2021-pelicula-completa-en-espanol

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/pelis-hd-viejos-2021-pelicula-completa-online-espa
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/pelis-hd-viejos-2021-pelicula-completa-online-espa

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/ver-viejos-old-2021-pelicula-completa-online-espan
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/ver-viejos-old-2021-pelicula-completa-online-espan

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123movies-watch-jungle-cruise-2021-online-movie
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123movies-watch-jungle-cruise-2021-online-movie

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/watchhd-jungle-cruise-2021-full-movie-online-free
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/watchhd-jungle-cruise-2021-full-movie-online-free

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123movies-watch-jungle-cruise-2021-hd-online-full
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123movies-watch-jungle-cruise-2021-hd-online-full

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/watch-jungle-cruise-2021-full-movie-online-free-12
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/watch-jungle-cruise-2021-full-movie-online-free-12

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123movies-watch-stillwater-2021-online-movie-full
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123movies-watch-stillwater-2021-online-movie-full

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/watchhd-stillwater-2021-full-movie-online-free
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/watchhd-stillwater-2021-full-movie-online-free

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/watch-stillwater-2021-full-movie-online-free-123mo
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/watch-stillwater-2021-full-movie-online-free-123mo

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123movies-watch-old-2021-online-movie-full-free-su
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123movies-watch-old-2021-online-movie-full-free-su

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/watchhd-old-2021-full-movie-online-free
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/watchhd-old-2021-full-movie-online-free

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/download-free-watch-old-2021-full-movie-online-fre
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/download-free-watch-old-2021-full-movie-online-fre

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123movies-watch-black-widow-2021-hd-full-movie-onl
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123movies-watch-black-widow-2021-hd-full-movie-onl

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123watch-black-widow-2021-hd-movies-online-full-fr
Title: https://connect.ecdan.org/blogs/free-watch-jungle-cruise/2021/07/27/123watch-black-widow-2021-hd-movies-online-full-fr

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/123watch-black-widow-2021-full-movie-online-free
Title: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/123watch-black-widow-2021-full-movie-online-free

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/123movies-watch-black-widow-2021-hd-online-full
Title: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/123movies-watch-black-widow-2021-hd-online-full

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/download-watch-black-widow-2021-hd-online-full-fre
Title: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/download-watch-black-widow-2021-hd-online-full-fre

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/watch-black-widow-2021-full-hd-movie-online-free
Title: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/watch-black-widow-2021-full-hd-movie-online-free

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/123movies-watch-jungle-cruise-2021-hd-full-movie-o
Title: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/123movies-watch-jungle-cruise-2021-hd-full-movie-o

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/watch-jungle-cruise-2021-hd-full-movie-online-free
Title: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/watch-jungle-cruise-2021-hd-full-movie-online-free

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/123watch-jungle-cruise-2021-full-movie-online-free
Title: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/123watch-jungle-cruise-2021-full-movie-online-free

Search URL Search Domain Scan URL

URL: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/online-watch-jungle-cruise-2021-movie-full-free
Title: https://collaborate.amcp.org/blogs/in-new-poker/2021/07/27/online-watch-jungle-cruise-2021-movie-full-free

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/on-stream/2021/07/27/123watch-jungle-cruise-2021-full-movie-online-stre
Title: https://connect.ecdan.org/blogs/on-stream/2021/07/27/123watch-jungle-cruise-2021-full-movie-online-stre

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/on-stream/2021/07/27/free-watch-jungle-cruise-2021-full-movie-streaming
Title: https://connect.ecdan.org/blogs/on-stream/2021/07/27/free-watch-jungle-cruise-2021-full-movie-streaming

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/on-stream/2021/07/27/hd-watch-jungle-cruise-2021-online-full-movie-free
Title: https://connect.ecdan.org/blogs/on-stream/2021/07/27/hd-watch-jungle-cruise-2021-online-full-movie-free

Search URL Search Domain Scan URL

URL: https://connect.ecdan.org/blogs/on-stream/2021/07/27/watch-onliine-jungle-cruise-2021-hd-movie-full
Title: https://connect.ecdan.org/blogs/on-stream/2021/07/27/watch-onliine-jungle-cruise-2021-hd-movie-full

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193536/i/57333099/0/pp/1/1?h=LB5zgMKgOzI0GUp9h2qzxs1YhRkAEQBsDBsGlTLquUeXq_6poO7x6o1jCJQBYn7Z&rid=8fb82fcb-eea3-11eb-a8db-d094662c1c35&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164852/i/57333099/0/pp/2/1?h=LB5zgMKgOzI0GUp9h2qzxuXnmm5Q9Lv3jZG57x1OP0o2ei3cjzREYKTaznfY98jt&rid=8fb82fcb-eea3-11eb-a8db-d094662c1c35&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164849/i/57333099/0/pp/3/1?h=LB5zgMKgOzI0GUp9h2qzxjIdRfsank2YI8Lh79Nzy87cEQz-InYmTIGW7RRRxfKY&rid=8fb82fcb-eea3-11eb-a8db-d094662c1c35&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193501/i/57333099/0/pp/4/1?h=LB5zgMKgOzI0GUp9h2qzxsu-wr3N0OJa-ePEtiJm6E_20DaG2-tPrqQ-akFdAP2w&rid=8fb82fcb-eea3-11eb-a8db-d094662c1c35&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164849/i/57333099/0/pp/1/1?h=LB5zgMKgOzI0GUp9h2qzxjIdRfsank2YI8Lh79Nzy86vurbrTYFQOGzD446GdUhA&rid=8fb88119-eea3-11eb-8dc9-d094662c24f7&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164883/i/57333099/0/pp/2/1?h=LB5zgMKgOzI0GUp9h2qzxk9f3wghoXbn9g3DfseEzMr7DSEsRn4gz3qeolgUl4YX&rid=8fb88119-eea3-11eb-8dc9-d094662c24f7&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164865/i/57333099/0/pp/3/1?h=LB5zgMKgOzI0GUp9h2qzxuUjhAmL1ifEPjOJdKd_YtBu9wwjtMJxgmox-ngfQXGY&rid=8fb88119-eea3-11eb-8dc9-d094662c24f7&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164839/i/57333099/0/pp/4/1?h=LB5zgMKgOzI0GUp9h2qzxoP1_sK8ao_TIgwEgoGZzdUN06CsME5n2T3Rb8Ft0TGG&rid=8fb88119-eea3-11eb-8dc9-d094662c24f7&tt=Direct&att=3&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 84

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=ARwdsoiQdBA7uuyglK5D&pi=mgid&tc=1

Request Chain 85

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l6qmSJknkiqn HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

Request Chain 86

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDZxbVNKa25raXFu&muidn=l6qmSJknkiqn HTTP 302
https://cm.mgid.com/google?muidn=l6qmSJknkiqn&google_ula={guid},5&google_gid=CAESECjT4nyzGqfgzIIqxbsnHPc&google_cver=1

Request Chain 87

https://x.bidswitch.net/sync?dsp_id=303&user_id=l6qmSJknkiqn HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l6qmSJknkiqn HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=735a74f4-a6cc-4308-865a-472ecd69b329&gdpr=&gdpr_consent=&us_privacy=

Request Chain 88

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=092b373a-c2b7-4f3d-93bb-aca2108b42d0&ttl=1629959182

Request Chain 91

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=926c63e3-0692-52d0-8571-2e8fe58e8981&ssp=mgid&expires=30&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=735a74f4-a6cc-4308-865a-472ecd69b329&gdpr=&gdpr_consent=&us_privacy=

Request Chain 98

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1627367182695&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627367182695&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9=

Request Chain 99

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1627367182696&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627367182696&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9=

Request Chain 112

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=mgid HTTP 302
https://cm.mgid.com/m?cdsp=43070&c=KRLOEIWM-20-F9S1

Request Chain 114

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMfp1uWCZHoochVCrvztvDs&google_cver=1

Request Chain 115

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Tq0iDdGhAbt1sR5bIE-rWsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4103295404916597071

Request Chain 117

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JMT0VJV00tMjAtRjlTMQ==

Request Chain 118

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YP_nDwADQLQg-QA4 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YP_nDwADQLQg-QA4&_test=YP_nDwADQLQg-QA4

Request Chain 119

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=631d60ff-a70e-4e00-9b2c-2167ebefb48a

Request Chain 120

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRLOEIWM-20-F9S1&sigv=1&esig=2~032c30b13064dde8a7e92ae00c3157ec034166eb

137 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request OoDWFPYnpD Show response
paste.co.id/ 85 KB
25 KB 4201ms
4073ms Document
text/html 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 0d57b802101603ae1bbb2ffc98a47acd5bb7260be32a9d76a53b629bb1993cb7

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /OoDWFPYnpD
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
set-cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; expires=Tue, 27-Jul-2021 08:26:21 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9; expires=Tue, 27-Jul-2021 08:26:21 GMT; Max-Age=7200; path=/; httponly
content-encoding: gzip
vary: Accept-Encoding
content-length: 24925
date: Tue, 27 Jul 2021 06:26:21 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 31ms
15ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 10920537
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 50f270cef956c80b14f61fa9ad96c573
cf-ray: 6753cbb239dd4333-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 bootstrap.min.css
paste.co.id/css/ 138 KB
18 KB 170ms
58ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/OoDWFPYnpD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "22688-5be452f6-4a15aa;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 18560
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H3-29 200 mdb.min.css
paste.co.id/css/ 226 KB
22 KB 344ms
232ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

:path: /css/mdb.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/OoDWFPYnpD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "38940-5be452f6-4a15a9;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22616
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 31ms
17ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1764519
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1624
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Bo72%2BcP0ESP9Wt1hk0RAyLnECm7OdMb8wPaiyWTIIvaT%2Fud3r0YErnlCr8DxEVE8rI7sLoizOcRMc%2BRGCjjC3BQHpi7AqstdqbJG%2FksyfneOCKV7F%2Ftc0gXjFT1FzIUv%2FNbYU7rhSWoghlalonZjujo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6753cbb23a39d70d-FRA
expires: Sun, 17 Jul 2022 06:26:21 GMT

GET
H3-29 200 special.min.css
paste.co.id/css/skins/ 3 KB
845 B 343ms
231ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/skins/special.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Request headers

:path: /css/skins/special.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/OoDWFPYnpD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
last-modified: Wed, 24 Apr 2019 12:08:22 GMT
server: LiteSpeed
etag: "bab-5cc051b6-5052d5;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 778
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H3-29 200 app.min.css
paste.co.id/css/ 648 B
288 B 288ms
176ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/app.min.css?v=1.2
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

:path: /css/app.min.css?v=1.2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/OoDWFPYnpD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
last-modified: Fri, 05 Jun 2020 17:06:52 GMT
server: LiteSpeed
etag: "288-5eda7bac-4a15ad;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 222
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H3-29 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
3 KB 343ms
231ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

:path: /plugins/prismjs/prism-okadia.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/OoDWFPYnpD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:43:52 GMT
server: LiteSpeed
etag: "326d-5c50d728-4c4795;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3354
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
49 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

246160119eacd0b407d3575c76beb79d24a3c3decd756a8ea3c4516b181de05f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49286
x-xss-protection: 0
server: cafe
etag: 3374109264917544910
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Jul 2021 06:26:21 GMT

GET
H2 200 3509488 Show response
inpagepush.com/400/ 83 KB
30 KB 188ms
81ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3509488

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2497f87f8f77979dd57ff8ff4035ae2951c56ea331ad393cc8771c270e8967dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: dbbc9f23d1af1f552bb93364585cede3
pragma: no-cache
date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 ntfc.php Show response
seeptoag.net/ 14 KB
6 KB 169ms
50ms Script
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/ntfc.php?p=3534037
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b34a3eee1bdc965572daca0b5c0b6f606f64767a53f696e967fcdda1e54008a6

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 14:49:10 GMT
server: nginx
etag: W/"60f6e266-380c"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3-29 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 183ms
182ms Image
image/png 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/img/default-avatar.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

:path: /img/default-avatar.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/OoDWFPYnpD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
last-modified: Wed, 28 Nov 2018 16:58:44 GMT
server: LiteSpeed
etag: "1b2d-5bfec944-90052b;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6957
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H2 200 paste.co.id.997452.js Show response
jsc.mgid.com/p/a/ 283 KB
75 KB 145ms
80ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ae2fd037e35d04a7e678afb4bb2b9883477809cbbf59574c847dcc468bd0428

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 58E9H9TNAPWG1156
cf-polished: origSize=289530
last-modified: Wed, 14 Jul 2021 10:55:01 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: XbY4dY+UohKYLGy3te+EU7nALdl2gHoTMfcL8vzy+l+SoE4wkzcukXlhpa9lLfqZ1a18QE5Oybw=
cf-bgj: minify
server: cloudflare
etag: W/"4f4e6ebe178e1e7f193afa7c9ba85099"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6753cbb52d28503d-WAW
expires: Tue, 27 Jul 2021 09:26:21 GMT

GET
H/1.1 403
Forbidden /
www.qrcoder.co.uk/api/v1/ 0
0 279ms
64ms Image
text/html 109.203.125.88
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 109.203.125.88 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS: server.switchtowood.co.uk
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 16ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 345051
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27433
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLArKVdogQOYUl%2Fqfv5A8BL9vKUUOSliNLpfWXwCno48luMsobFd99%2F5PVPdcANMZ5M037VVt8nOG%2BKq7%2FZn7h9w43ClRtsvYBHIcWRKKIAINhiT8huSSoDEu2KXABsIuCAk5hoSR2SFVugTD27w2qd1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6753cbb44ef52bc6-FRA
expires: Sun, 17 Jul 2022 06:26:21 GMT

GET
H3-29 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 55ms
54ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/OoDWFPYnpD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c75f-5be452f6-4418f5;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13341
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H3-29 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
59 KB 57ms
54ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

:path: /js/mdb.min.js?v=2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/OoDWFPYnpD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:15:46 GMT
server: LiteSpeed
etag: "331d6-5c50d092-441907;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 60235
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H3-29 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
16 KB 13ms
11ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4613874
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15668
cf-request-id: 0a753b83b8000005d88b10c000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77RhmEQX%2FMztStH%2BqlJGWlaH9CTg7i4FAfQQTGZmOeSTj%2FxB6EecDTzVJOXpnVH0QIn6UApJPBZNsEAY8%2BJcLAxHUzFXPK8jf38kWdRkRnl%2B%2BATuCzm1KDI5QROACokVlQLqaZHZ9C4u5M8wffP4ThTy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6753cbb4bfbd2bc6-FRA
expires: Sun, 17 Jul 2022 06:26:21 GMT

GET
H3-29 200 ads.js Show response
paste.co.id/js/ 22 B
85 B 149ms
146ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/ads.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/OoDWFPYnpD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
last-modified: Sat, 14 Mar 2020 00:25:06 GMT
server: LiteSpeed
etag: "16-5e6c2462-441908;;;"
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H3-29 200 app.min.js Show response
paste.co.id/js/ 1 KB
710 B 149ms
147ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/app.min.js?v=1.5
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

:path: /js/app.min.js?v=1.5
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/OoDWFPYnpD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
last-modified: Sat, 14 Mar 2020 00:34:12 GMT
server: LiteSpeed
etag: "5b0-5e6c2684-4418f7;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 643
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H3-29 200 prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
112 KB 149ms
147ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

:path: /plugins/prismjs/prism.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/OoDWFPYnpD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
last-modified: Sat, 24 Nov 2018 17:17:38 GMT
server: LiteSpeed
etag: "521a1-5bf987b2-4c4790;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 114523
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
40 KB 57ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

877141587e7fa710884d5778207eb9e292a99d4248852363f6c11255dbb8ad4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39979
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jul 2021 06:26:21 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 61 KB
22 KB 59ms
41ms Script
text/javascript 2606:4700:20::ac43:4b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c025b0c96d84f453c00cac0f8fa1deedff968fa148aed3d0e06ebbe8084f17c6

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 66766
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-trace-id: 1189c9b45b8714294823047224d9618a
pragma: no-cache
last-modified: Mon, 26 Jul 2021 09:37:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mznQuNnJZFeUiEDWuDF50%2B2Pgvu7tgaG5vdutW%2FwlkBu55gyr20BoqsGuAa%2FjW6cJT1igJqE2DalEuTqWEG3k%2BHGEJTXyIMJmEdaZPJ1188wvJymUfv3%2B%2FVIyR0HSn7j8bv7gyois%2F4DTqg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 6753cbb4daa04ab0-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 27 Jul 2021 11:53:35 GMT

GET
H3-29 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 62ms
60ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
:path: /font/roboto/Roboto-Light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c0e4-5be452f6-900467;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49380
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 15ms
13ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://paste.co.id
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617
age: 797323
cdn-cachedat: 2021-06-08 21:27:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: cdafe510690689dc875ca0596a5bcb9b
accept-ranges: bytes
cf-ray: 6753cbb4b8794a9e-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 85ms
83ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
:path: /font/roboto/Roboto-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c054-5be452f6-900463;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49236
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H3-29 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 68ms
68ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
:path: /font/roboto/Roboto-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c338-5be452f6-900465;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49976
expires: Tue, 03 Aug 2021 06:26:21 GMT

GET
H2 200 / Show response
bedrapiona.com/5/3724584/ 3 KB
2 KB 166ms
53ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3724584/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5cd7c348a49eaa1d24807d61a7e8274c519b4dd9816886255e25ee7e0f6a207b

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 140e88b4aa6abc7e0c77f8226fbbc45c
pragma: no-cache, no-cache
date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://paste.co.id
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210722/r20190131/ 250 KB
93 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210722/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4712388827405335&plah=paste.co.id&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4ac644803de23d3f8e60d6eb1bfec6c182214bb78c2cba1e0efeefe0bb95234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95207
x-xss-protection: 0
server: cafe
etag: 9667253005186430178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Jul 2021 06:26:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210722/r20190131/ Frame 94BF 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210722/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210722/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 27 Jul 2021 02:59:38 GMT
expires: Tue, 10 Aug 2021 02:59:38 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 12403
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zone Show response
seeptoag.net/ 698 B
982 B 57ms
55ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

19a878ba4d23ea5e0c3f0cfbb843c4fde17a25335f0de62878754cd5fdebb6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 34b7a17bcc06b3ffb258cb0c53827745
date: Tue, 27 Jul 2021 06:26:21 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 698

GET
H2 200 universal.min.js Show response
seeptoag.net/pfe/current/ 106 KB
38 KB 154ms
50ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/universal.min.js?v=3.1.301
Requested by: Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5362095703d6cf47a8ebe3c02e9f5b46e43d322f7152da10bfaaceaed202a0f5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:21 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 14:49:10 GMT
server: nginx
etag: W/"60f6e266-1a633"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

GET
H3-29 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
4 KB 14ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3124441
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2905
cf-request-id: 0ace027812000096e69880a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afI%2F7XQKS%2BuNs0QqSNIdkOk10qpL61rwLhcY32MZxjTY2BHh%2Fcf%2B8yLaiHOQPocXKwyrwmSUDYK1q%2FBAc79%2BYUpBsxgBs8n6Bx3KfDpSJT%2BnaeU0mkZ4Lg5Pcvb%2BywWZKe9DvTAEqEM90x5tyJLVPqh9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6753cbb7bd382bc6-FRA
expires: Sun, 17 Jul 2022 06:26:22 GMT

GET
H2 200 3724582 Show response
dozubatan.com/400/ 83 KB
30 KB 176ms
73ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/400/3724582

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2e2e3b1721d42b94fab9b9c017c27045e7c25fbc6a7e0fb943e0ef101a7cb8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 7975e044630c4e0670ed2edea0d6c584
pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 tag.min.js Show response
pseepsie.com/pfe/current/ 14 KB
6 KB 159ms
51ms Script
application/javascript 139.45.196.136
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.136 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a505a0ff6bdf721f980d4924565d1f1ac66d3a383fc8728cf91a8206a5bcec48

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 14:49:10 GMT
server: nginx
etag: W/"60f6e266-380b"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 1 Show response
toglooman.com/ 7 KB
4 KB 163ms
51ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=3724583
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c25048cebbb01555c35281d80dfd6d8adb21ccd16d26ce1546e1364eef444f64

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:19 GMT
content-encoding: gzip
x-sc: h46902brcQ5TOhKxjoedllf9EjLdkTwoodp1U5cqKDwSThxrfk_b6x52ri9vp5eYawbmrBEUaj810nLUBI5fz1YdZyM=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 8107 203 B
833 B 153ms
50ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=2d482b09776741bc983dbf074e2de088&oaidts=1627367181

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6483200efaa4fc140b0b531e6ed55546a1f6d6af6b4142cd30643493049868f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=2d482b09776741bc983dbf074e2de088&oaidts=1627367181
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

server: nginx
date: Tue, 27 Jul 2021 06:26:22 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: a05aeb84b62b33f5c80dbc8fb96199c1
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=2d482b09776741bc983dbf074e2de088; expires=Wed, 27 Jul 2022 06:26:22 GMT; path=/; secure; SameSite=None oaidts=1627367181; expires=Wed, 27 Jul 2022 06:26:22 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

POST
H3-29 200 get-paste Show response
paste.co.id/ 8 KB
9 KB 2748ms
2748ms XHR
application/json 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/get-paste
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8e3a2e9e361fe012b08a036f27f382d92bea9fa293bf52198580ddfe0c8c5c99

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: XSRF-TOKEN=eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D; pasteshr_session=eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9; __PPU_BACKCLCK_3724584=true
content-length: 63
:path: /get-paste
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/OoDWFPYnpD
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://paste.co.id/OoDWFPYnpD
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 27 Jul 2021 06:26:24 GMT
server: LiteSpeed
x-ratelimit-remaining: 58
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
set-cookie: XSRF-TOKEN=eyJpdiI6InBMK21abE10SW9BeWs3WDVjN2prVnc9PSIsInZhbHVlIjoiUmlDYndEU29mQkZURmNaVU9YYUJIcVdmcjJDZ3F4Q3BCak93VGl1SmFTMnc0QTFGYUh5U2doUHlDdWpOaEV3RiIsIm1hYyI6ImE2NDU1NjYyODE5ZjE5YWNhNjU0MjM5ZTU4MmY5MmY5NDIwZjliOWY3ZDQwYmY1OTg5M2IxOWI5NzhkNzI4NzUifQ%3D%3D; expires=Tue, 27-Jul-2021 08:26:24 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6IlVBTUpMcDRzelF2RERCSGM5Q1VBK3c9PSIsInZhbHVlIjoiVTdnekdsWmF4N3VwYVJGaU42TXZKakJcL0pBSEVkWTgrY3p0Z0ozMjd3Q3ZQNlBvUTUzV0NvaGt0V1I4TDZEcXciLCJtYWMiOiI4ODA1YmJlODQwMzEwYzNmOTVjNGEyOTlhNTA5ZWMyZWYwYmZkOGNjMDhmMjVkNjgzZWVhNGVlNWEwZGRmMjEwIn0%3D; expires=Tue, 27-Jul-2021 08:26:24 GMT; Max-Age=7200; path=/; httponly
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 / Show response
c.mgid.com/pv/ 0
281 B 143ms
141ms Script
text/plain 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=162736718216131285252&uniqId=1591c&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&lu=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&pageView=1&pvid=17ae6a48f51833970fd&site=414527&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbb899f5503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 38ms
37ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 4734
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6753cbb8a9fe503d-WAW
expires: Wed, 28 Jul 2021 06:26:22 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
905 B 38ms
37ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 4754
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 1D76EA8A206ECCA7
x-amz-id-2: lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 6753cbb8a9fd503d-WAW
expires: Wed, 28 Jul 2021 06:26:22 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b96dd4948a653a14d12bdbe662db0ea7e0cb5fe759faa34adc9ca88bbf34988b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39967
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Jul 2021 06:26:22 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
657 B 149ms
52ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=paste.co.id&callback=_gfp_s_&client=ca-pub-4712388827405335

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210722/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4712388827405335&plah=paste.co.id&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

72f4f2e969c8e5abc9f281cff28bddf2496dc4e324a506ce87a7193951887550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 41ms
20ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 204B 12 KB
5 KB 162ms
161ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1627367182&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367181697&bpp=5&bdt=558&idt=540&shv=r20210722&ptt=9&saldr=aa&abxe=1&nras=1&correlator=828915762694&frm=20&pv=2&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=557

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

775f660b2af8a84c59413b476b7f1ba44727f78ef31ea71bc123c2a6901106e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1627367182&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367181697&bpp=5&bdt=558&idt=540&shv=r20210722&ptt=9&saldr=aa&abxe=1&nras=1&correlator=828915762694&frm=20&pv=2&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=557
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 27 Jul 2021 06:26:22 GMT
server: cafe
content-length: 4612
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 27-Jul-2021 06:41:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Jul 2021 06:26:22 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627298829912756"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Tue, 27 Jul 2021 06:26:22 GMT

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 81ms
80ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?pv=5&cbuster=162736718228277519398&uniqId=1591c&niet=4g&nisd=false&w=840&h=249&p3_w=201&p3_h=203&maxw_3=201&maxh_3=203&cols=4&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&lu=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&pageView=1&pvid=17ae6a48f51833970fd&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7f3ab4800b7426f12036618e23de1025757ef36a3683ca3c76258b182a1f66e

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbb95ad3503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
2 KB 68ms
68ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=249&p3_w=201&p3_h=203&maxw_3=201&maxh_3=203&cols=4&pv=5&cbuster=162736718229328061580&uniqId=12e73&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&lu=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&pageView=0&pvid=17ae6a48f51833970fd&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abdc900d43b95f09df54d547a03fc9f1f7bc9510e1e53108ac4cc6462c4c0f4e

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbb96aed503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 71ms
71ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=255&h=441&p3_w=90&p3_h=177&maxw_3=90&maxh_3=177&cols=2&pv=5&cbuster=1627367182296748736488&uniqId=0cb1a&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&lu=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&pageView=0&pvid=17ae6a48f51833970fd&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c11c224bfec6f529527299f7d3a0495399c30b2fb642d6d2ffd46ec6504710

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbb96af2503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 zone Show response
pseepsie.com/ 667 B
951 B 52ms
51ms Fetch
application/json 139.45.196.136
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/zone?pub=0&zone_id=4022315&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.136 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9796c28c9c165b89f7f52bbea0eaeeff39e0108f905e56409e89c4452a0e2bb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: bb5e6930dcdaa83360f4098bd1e5650b
date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 667

GET
H2 200 universal.min.js Show response
pseepsie.com/pfe/current/ 106 KB
38 KB 198ms
98ms Fetch
application/javascript 139.45.196.136
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/universal.min.js?v=3.1.301
Requested by: Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.136 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5362095703d6cf47a8ebe3c02e9f5b46e43d322f7152da10bfaaceaed202a0f5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 14:49:10 GMT
server: nginx
etag: W/"60f6e266-1a633"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 d7765da6785186413e49cdf1a950aa95 Show response
toglooman.com/27/ 362 KB
119 KB 75ms
74ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/d7765da6785186413e49cdf1a950aa95

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=3724583

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

fd7cbcfcdce4e767127a44fdabc54fe1703cad708422c0054796cb902c9d0780

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jul 2021 09:30:41 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Wed, 20 Aug 2081 09:30:41 GMT

GET
H2 200 38 Show response
toglooman.com/42/ 0
494 B 132ms
132ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=3724583
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=3724583
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:19 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 8107 43 B
491 B 153ms
50ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=2d482b09776741bc983dbf074e2de088

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=2d482b09776741bc983dbf074e2de088&oaidts=1627367181

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 1074
date: Tue, 27 Jul 2021 06:08:28 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 27 Jul 2021 08:08:28 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 55ms
55ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

dbe0619c2e857302b7ead07287208fba0580b071684e64f7e4fe31afd99733da

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
772 B 71ms
69ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1627367182450866595823
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74463bf4caecd06c992223a01003aca0cdacdc2a3d43416e6aedf68eb6a98187

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: c849ed01-c0c7-4c52-816c-5822e2cc2b4e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbba6c2e503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 32D7 19 B
327 B 80ms
80ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1627367182455207422892
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 15183a21-6562-4c4c-a081-5ddee523a22b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbba6c35503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 223ms
73ms Script
application/javascript 13.224.111.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.111.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-111-48.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:07:46 GMT
via: 1.1 adaa7e69b304066aa4eaf0d2190ecfd7.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1117
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 6RPPjisTYPtzTvf4HreDcgc3x8FAJcUb4fbTHOp0yLiMGspijb-eyA==

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzFjMDgwZWRhYWYxOGQwYWFhZmI4NDNjMWJjZTZkZDhkLnBuZw.webp
s-img.mgid.com/g/8193536/492x328/24x0x530x353/ 15 KB
15 KB 45ms
43ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193536/492x328/24x0x530x353/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzFjMDgwZWRhYWYxOGQwYWFhZmI4NDNjMWJjZTZkZDhkLnBuZw.webp?v=1627367182-jQLo-FCoZQUQ-1W1VWSNDwswW2bzu_33pRucmLsDRvY
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116e11b0e60d3fbee191c04447957deeaac6bc02604b29abefa1bf0b3a7ab3bb

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 07:15:18 GMT
x-mg-request-uuid: eff379d2-8738-47e0-89fd-0204f31bd9d2
age: 6988532
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6753cbba6c3c503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15088
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzN...
s-img.mgid.com/g/8164852/492x328/-/ 22 KB
22 KB 39ms
37ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164852/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzNTQ3ZDA4ODNmMWMyYmJkOC5qcGc.webp?v=1627367182-j4zg-lsrJMIHLPyuVDYxQm_0f1NzdiqzSCTY3CWUbcw
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ac05781d1a4eec5d40e9b668ee97489a3c6adc8104e4f7610ce2f07b02cb2e7

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:26 GMT
x-mg-request-uuid: 4742e271-2e7c-4213-9841-54780cfc151f
age: 6988844
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6753cbba6c3b503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22712
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp
s-img.mgid.com/g/8164849/492x328/0x131x607x404/ 18 KB
18 KB 48ms
47ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164849/492x328/0x131x607x404/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp?v=1627367182-wyUFtEtRhnS18tP1tviVzYXeWaSbgH_NlGnjW-5HPGg
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16d2eac72467e8931e76a59088381521c469cd08de7884eb65442a9a7744256b

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:30 GMT
x-mg-request-uuid: fb60b605-6942-43a3-bd1c-38af5dfbcf28
age: 7851990
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6753cbba6c3d503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18512
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8193501/492x328/16x0x492x328/ 10 KB
10 KB 36ms
34ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193501/492x328/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1627367182---lHOKTXd8VFffZGkP1HI0amqxlUsHfcKsnwC4bcyWE
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca24e2680f2545b64cfd196089e9e5ac5a3b6c9eec852492210239bb07402904

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 07:15:18 GMT
x-mg-request-uuid: 6d522aa8-e8b7-4fe7-b953-d49cb2744454
age: 6988843
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6753cbba6c3a503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10278
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp
s-img.mgid.com/g/8164888/492x328/0x82x614x409/ 13 KB
13 KB 65ms
64ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164888/492x328/0x82x614x409/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp?v=1627367182-dOcuhf-3QOBoK3k3jmg7ZZItjDfcYr2mnsEdVpkhXFs
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecea4b30252d5bc011c7f9cafcac4239a9eb11f2dd8cd9dbc073073f875e8af8

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:35 GMT
x-mg-request-uuid: 433dceab-8015-4cd3-80d2-0128ad587810
age: 6988811
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6753cbba9c57503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13280
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/492x328/16x0x492x328/ 10 KB
10 KB 70ms
69ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164909/492x328/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1627367182-DgMamaEbT3FTvt3COYDlxYGOsORX57ODkVxtiLwxLF0
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca24e2680f2545b64cfd196089e9e5ac5a3b6c9eec852492210239bb07402904

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:19 GMT
x-mg-request-uuid: 2dde2ca5-e04a-461f-a9e9-24c1a09bbacb
age: 6988830
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6753cbba9c59503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10278
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/492x328/0x0x492x328/ 12 KB
12 KB 50ms
49ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164883/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1627367182-1vemWebT2vu9wSnUkNV34ag3et86mLU99ug303MtfHs
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c3f71afbeeed7e2dd4c4f436a8f1b75b8cc09a9849ef2f842016500d0f4788

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:18 GMT
x-mg-request-uuid: 09ac519a-808f-4ed1-83c2-0a51d3f52b68
age: 6988844
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6753cbba9c5a503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12392
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2FlN2U2N2JjOGZkZjhjYTYzYjUxZjAyMmE5MjM1ZWE2LmpwZWc.webp
s-img.mgid.com/g/8193518/492x328/51x14x674x449/ 10 KB
11 KB 66ms
66ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193518/492x328/51x14x674x449/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2FlN2U2N2JjOGZkZjhjYTYzYjUxZjAyMmE5MjM1ZWE2LmpwZWc.webp?v=1627367182-bGmy5C-OjVkZ4A3hGnIfyVRZzLiysazJwrnWKztejXM
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653c87ed6c7eb7fe23dfc3bbe5ab1799cba3bd1bbda3ad2748439fc61c70ce9b

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Feb 2021 07:15:15 GMT
x-mg-request-uuid: aef799e0-575e-40c8-8304-69969d8b2ec4
age: 6988849
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6753cbba9c5c503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10596
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.mgid.com/g/8164865/492x328/0x0x900x600/ 21 KB
22 KB 50ms
49ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1627367182-VGu7VcuDEaf_JEsk5x8fXO2UFCFIcjNrZEzg9oIsx78
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:33:59 GMT
x-mg-request-uuid: a5ecf98a-c2c1-4179-a904-73026a1d56d4
age: 6384855
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6753cbba9c5e503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21960
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTEtMDYvMTAxOTI0LzgyNzNlNDE2YjU0YThjNTEyYTc1YTEzODQ0NTk0MWUwLmpwZWc_dD0xNTQxNTIyODc3NDIz.webp
s-img.mgid.com/g/8164839/492x328/21x11x492x328/ 8 KB
8 KB 58ms
57ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164839/492x328/21x11x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTEtMDYvMTAxOTI0LzgyNzNlNDE2YjU0YThjNTEyYTc1YTEzODQ0NTk0MWUwLmpwZWc_dD0xNTQxNTIyODc3NDIz.webp?v=1627367182-QcLY2CjJif8uaqeUbpjB0f_JEiGoh0AK8WhMNHG3GO0
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 982ad5595ec22477308c719730592c9b3be1863cb955a85ccfc3e73583b438e9

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: HIT
last-modified: Mon, 08 Feb 2021 10:20:23 GMT
x-mg-request-uuid: fc39632c-e0ca-4d15-9a6a-0ed533b498cf
age: 6988858
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6753cbba9c5f503d-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8384
server: cloudflare

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 152ms
50ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&sah=1200&drf=&hil=2&ist=0
Protocol: H2
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 27 Jul 2021 06:26:22 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://paste.co.id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
34 KB 52ms
29ms Script
application/javascript 2606:4700:20::681a:97b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/d7765da6785186413e49cdf1a950aa95
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 5796
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BBZ%2BG4CibUzZVkO3TZXx9kLipo7YlzXYOvP2Wk6eSrNyHefL5%2BpP469nJyQOEywAMH04BpOQhD0WU3Upz2AcvveWKw%2BmT2EGyCiod0mHfY0GGqhC8NyHaqh%2Bu2eNipLPBJA7F3Do%2FLK3WmQEt3DOA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6753cbbb0ed22c3a-FRA

POST
H2 204 9 Show response
toglooman.com/ 0
505 B 52ms
51ms XHR
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&sah=1200&drf=&hil=2&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/d7765da6785186413e49cdf1a950aa95
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:20 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
onmarshtompor.com/ 1 KB
2 KB 54ms
54ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/?rb=5qUkW1MpbjCqira8mJvlFrERo4Lh8yKArpTOW8MjZx-5ceMiq-fLsy3WbLsLr1EzWIUYGsTl44zio6MKD_AwqkwYYOEzUpU6ZCdfuGA2eirVm_IsMFuRVwaKd3xdv1xMbd2MZTp8-_fUm_X2MFGmhe9ptFi59y-qk86mDukJIh7jNzJemK0oiEWIG28FOBCA8GtP-Uby497281SGiTcA-RJybgkqZt4ANKvTtXmvFskUor2cU3k9uu_wPgYr6qp5po1c1rXDHRpBnc1n6PwYh4UfmWQ%3D&zoneid=3724584&request_ab2=24103&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=1&m=link

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

33a196c6910d721f6ac26ea2e8d1edaf0d6723f0b23464ea6b18d3c90b93bd4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://paste.co.id
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C9D 436 B
238 B 137ms
137ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1627367182&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367182569&bpp=2&bdt=1430&idt=-M&shv=r20210722&ptt=9&saldr=aa&abxe=1&cookie=ID%3D557ff34c68c3c34d-22c59ba678c9007f%3AT%3D1627367182%3ART%3D1627367182%3AS%3DALNI_MZ8_rXL1qqtvnD-Nh0uXH7YrRRzGg&prev_fmts=0x0&nras=2&correlator=828915762694&frm=20&pv=1&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6ZKu7dfhVy&p=https%3A//paste.co.id&dtd=17

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7b390dbf936b5c94f0880aaba33257df65c879b6088b40f358f514e774d1d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=3809598800&adf=1056458448&pi=t.aa~a.1227730195~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1627367182&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367182569&bpp=2&bdt=1430&idt=-M&shv=r20210722&ptt=9&saldr=aa&abxe=1&cookie=ID%3D557ff34c68c3c34d-22c59ba678c9007f%3AT%3D1627367182%3ART%3D1627367182%3AS%3DALNI_MZ8_rXL1qqtvnD-Nh0uXH7YrRRzGg&prev_fmts=0x0&nras=2&correlator=828915762694&frm=20&pv=1&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1407&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6ZKu7dfhVy&p=https%3A//paste.co.id&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 27 Jul 2021 06:26:22 GMT
server: cafe
content-length: 214
x-xss-protection: 0
set-cookie: IDE=AHWqTUnAyDWfJh804NPsI9R8jnEMve2JZpYrlVFn9H5d_Nfn5GcCrYlMZQXmKpq3dbI; expires=Sun, 21-Aug-2022 06:26:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Jul 2021 06:26:22 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 86E8 436 B
234 B 134ms
134ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1627367182&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367182569&bpp=1&bdt=1430&idt=-M&shv=r20210722&ptt=9&saldr=aa&abxe=1&cookie=ID%3D557ff34c68c3c34d-22c59ba678c9007f%3AT%3D1627367182%3ART%3D1627367182%3AS%3DALNI_MZ8_rXL1qqtvnD-Nh0uXH7YrRRzGg&prev_fmts=0x0%2C1200x280&nras=3&correlator=828915762694&frm=20&pv=1&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zK3hfcN8BQ&p=https%3A//paste.co.id&dtd=21

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2ebc73c4f4a34ef3e31ace85c57c0897252615aa7aeab54e05f41d777f302dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2179270891&pi=t.aa~a.2711115096~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1627367182&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367182569&bpp=1&bdt=1430&idt=-M&shv=r20210722&ptt=9&saldr=aa&abxe=1&cookie=ID%3D557ff34c68c3c34d-22c59ba678c9007f%3AT%3D1627367182%3ART%3D1627367182%3AS%3DALNI_MZ8_rXL1qqtvnD-Nh0uXH7YrRRzGg&prev_fmts=0x0%2C1200x280&nras=3&correlator=828915762694&frm=20&pv=1&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1731&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=zK3hfcN8BQ&p=https%3A//paste.co.id&dtd=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 27 Jul 2021 06:26:22 GMT
server: cafe
content-length: 210
x-xss-protection: 0
set-cookie: IDE=AHWqTUkBpeE-tN9zTu-PAoUO-9phc2lFYK2KyA_2od_z3ksB44u2RU3EDTMTx2V8nDo; expires=Sun, 21-Aug-2022 06:26:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Jul 2021 06:26:22 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A6B 436 B
235 B 135ms
135ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1627367182&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367182569&bpp=1&bdt=1430&idt=2&shv=r20210722&ptt=9&saldr=aa&abxe=1&cookie=ID%3D557ff34c68c3c34d-22c59ba678c9007f%3AT%3D1627367182%3ART%3D1627367182%3AS%3DALNI_MZ8_rXL1qqtvnD-Nh0uXH7YrRRzGg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=828915762694&frm=20&pv=1&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=npRCRpbWWw&p=https%3A//paste.co.id&dtd=25

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c66c096f2349da27f6d8e9c868057e795cef3ba47c5978ed9135f1d11ba17a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=90&adk=2820297975&adf=1011119886&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1627367182&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x90&url=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627367182569&bpp=1&bdt=1430&idt=2&shv=r20210722&ptt=9&saldr=aa&abxe=1&cookie=ID%3D557ff34c68c3c34d-22c59ba678c9007f%3AT%3D1627367182%3ART%3D1627367182%3AS%3DALNI_MZ8_rXL1qqtvnD-Nh0uXH7YrRRzGg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=828915762694&frm=20&pv=1&ga_vid=191740207.1627367182&ga_sid=1627367182&ga_hid=545455367&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31061847&oid=3&pvsid=498366174570128&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=npRCRpbWWw&p=https%3A//paste.co.id&dtd=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 27 Jul 2021 06:26:22 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: IDE=AHWqTUkYsgqggbOXhRqq60_fnCO_lf_UfH6pBfykWQaig2AsxD676IAj3Z69AsMjS80; expires=Sun, 21-Aug-2022 06:26:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Jul 2021 06:26:22 GMT
cache-control: private

GET
H2 200 3509488 Show response
inpagepush.com/500/ 4 KB
2 KB 54ms
54ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=&oaid=cc89975551c94947bd37dcc837958c5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=9&pl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

72ea2a1ea3bfcfcf509c1f07a70015b4a4e7b08197643661eae97d56a940d4b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 758b94e0f12f247daf62811557be81fa
pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 152ms
50ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 27 Jul 2021 06:26:22 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=545455367&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&ul=en-us&de=UTF-8&dt=box%20office%20movies%202021%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=47788611&gjid=1395610041&cid=191740207.1627367182&tid=UA-137362802-1&_gid=165078949.1627367183&_r=1&gtm=2ou7l1&z=492727599

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=545455367&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&ul=en-us&de=UTF-8&dt=box%20office%20movies%202021%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=869037743&gjid=1830096143&cid=191740207.1627367182&tid=UA-174907544-1&_gid=165078949.1627367183&_r=1&gtm=2ou7l1&z=776461935

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C762
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

141ms
47ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1627367182450866595823
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Jul 2021 06:26:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Tue, 27 Jul 2021 06:26:22 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=ARwdsoiQdBA7uuyglK5D&pi=mgid&tc=1

43 B
542 B

90ms
70ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=ARwdsoiQdBA7uuyglK5D&pi=mgid&tc=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: a68ecf27-71ae-461f-a8e6-77e255995ba4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbbd1a16f2a4-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=ARwdsoiQdBA7uuyglK5D&pi=mgid&tc=1
pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT, Tue, 27 Jul 2021 06:26:22 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l6qmSJknkiqn
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

42 B
775 B

187ms
48ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 27 Jul 2021 06:26:22 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDZxbVNKa25raXFu&muidn=l6qmSJknkiqn
https://cm.mgid.com/google?muidn=l6qmSJknkiqn&google_ula={guid},5&google_gid=CAESECjT4nyzGqfgzIIqxbsnHPc&google_cver=1

0
369 B

101ms
70ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l6qmSJknkiqn&google_ula={guid},5&google_gid=CAESECjT4nyzGqfgzIIqxbsnHPc&google_cver=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbbd1a17f2a4-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l6qmSJknkiqn&google_ula={guid},5&google_gid=CAESECjT4nyzGqfgzIIqxbsnHPc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l6qmSJknkiqn
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l6qmSJknkiqn
https://cm.mgid.com/m?cdsp=433145&c=735a74f4-a6cc-4308-865a-472ecd69b329&gdpr=&gdpr_consent=&us_privacy=

43 B
506 B

99ms
72ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=735a74f4-a6cc-4308-865a-472ecd69b329&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 552318f4-4125-497e-97eb-18b1cbe49cba
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbbd1a18f2a4-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=735a74f4-a6cc-4308-865a-472ecd69b329&gdpr=&gdpr_consent=&us_privacy=
date: Tue, 27 Jul 2021 06:26:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=092b373a-c2b7-4f3d-93bb-aca2108b42d0&ttl=1629959182

43 B
522 B

71ms
71ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=092b373a-c2b7-4f3d-93bb-aca2108b42d0&ttl=1629959182
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:23 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: d0e5175e-bd17-4e1e-8db5-37dfdd951a2f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbbe0b28f2a4-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=092b373a-c2b7-4f3d-93bb-aca2108b42d0&ttl=1629959182
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
414 B 134ms
71ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l6qmSJknkiqn
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6753cbbc0cfc1636-WAW
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
496 B 139ms
67ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l6qmSJknkiqn
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6753cbbc1d930009-WAW
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
https://x.bidswitch.net/sync?dsp_id=429&user_id=926c63e3-0692-52d0-8571-2e8fe58e8981&ssp=mgid&expires=30&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=735a74f4-a6cc-4308-865a-472ecd69b329&gdpr=&gdpr_consent=&us_privacy=

43 B
522 B

100ms
99ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=735a74f4-a6cc-4308-865a-472ecd69b329&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:23 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b8cf690f-a929-4ed4-a93b-c5b07fee8b08
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbbeabb5f2a4-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=735a74f4-a6cc-4308-865a-472ecd69b329&gdpr=&gdpr_consent=&us_privacy=
date: Tue, 27 Jul 2021 06:26:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
431 B 45ms
15ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-137362802-1&cid=191740207.1627367182&jid=47788611&gjid=1395610041&_gid=165078949.1627367183&_u=YAhAAUAAAAAAAC~&z=843154887

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Jul 2021 06:26:22 GMT
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 34ms
15ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Tue, 27 Jul 2021 06:26:22 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 33ms
14ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Tue, 27 Jul 2021 06:26:22 GMT

GET
H3-29 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 24ms
21ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Tue, 27 Jul 2021 06:26:22 GMT

GET
H3-29 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 27ms
24ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Tue, 27 Jul 2021 06:26:22 GMT

GET
H3-29 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 26ms
24ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Tue, 27 Jul 2021 06:26:22 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1627367182695&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627367182695&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9=

64 B
329 B

99ms
99ms

Image
image/gif

13.224.111.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627367182695&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9=
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.111.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-111-48.mad50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
via: 1.1 adaa7e69b304066aa4eaf0d2190ecfd7.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: VIJlTOYdSL80rhhWSZY39-t4Y2rqAzbfJH-Qhn8wwnn2rgaj7WxB1A==

Redirect headers

date: Tue, 27 Jul 2021 06:26:22 GMT
via: 1.1 adaa7e69b304066aa4eaf0d2190ecfd7.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627367182695&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9=
content-length: 215
x-amz-cf-id: QSfSw9d3CB8mrOeQyI35Bt2be1JUzLCO9DWvXumonIpejydFh-nhyg==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1627367182696&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627367182696&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9=

64 B
330 B

98ms
98ms

Image
image/gif

13.224.111.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627367182696&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9=
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.111.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-111-48.mad50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
via: 1.1 adaa7e69b304066aa4eaf0d2190ecfd7.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: QLJd15_lqOX_TUL96dIQ4WAGUfYMkIGx9JB57Bl2Zpq-3-L-a4VIww==

Redirect headers

date: Tue, 27 Jul 2021 06:26:22 GMT
via: 1.1 adaa7e69b304066aa4eaf0d2190ecfd7.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1627367182696&ns_c=UTF-8&cv=3.5&c8=box%20office%20movies%202021%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&c9=
content-length: 215
x-amz-cf-id: 5IKiZ9_l9aYoyR_SGdfPSe6F68xfFHdx_beOWpcN1tUqjHBv4d996w==

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 27ms
24ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-137362802-1&cid=191740207.1627367182&jid=47788611&_u=YAhAAUAAAAAAAC~&z=1458935407

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 40ms
16ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-137362802-1&cid=191740207.1627367182&jid=47788611&_u=YAhAAUAAAAAAAC~&z=1458935407

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 53ms
53ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 27 Jul 2021 06:26:22 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 71ms
70ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 9d34df3fc6d369ef10ce7ba1665f60d7
date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 51ms
50ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=c0a4b0efc8eb49af943e86d663fac4e9&zoneId=3534037&checkDuplicate=true&ymid=&var=

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

dbe0619c2e857302b7ead07287208fba0580b071684e64f7e4fe31afd99733da

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 defaultSkin.min.js Show response
seeptoag.net/pfe/current/ 56 KB
19 KB 57ms
57ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:22 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 14:49:10 GMT
server: nginx
etag: W/"60f6e266-df63"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

GET
H/1.1 200
OK 0987259079146.png
static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/ 3 KB
4 KB 203ms
50ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 06:26:22 GMT
Last-Modified: Thu, 15 Oct 2020 16:08:39 GMT
Server: nginx
ETag: "5f887407-c2f"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3119

GET
DATA 200
OK truncated
/ Frame 63B1 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 50ms
49ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 27 Jul 2021 06:26:22 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 51ms
51ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 4546620dd6930e40c66a033cde279481
date: Tue, 27 Jul 2021 06:26:22 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C762 31 KB
10 KB 48ms
48ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c073ed097b0ca3d129f4372bfaa435a22beda0eaea4718196903f62f934f5eb2

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 06:26:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=15825
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9359
Expires: Tue, 27 Jul 2021 10:50:07 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C762 284 B
934 B 186ms
46ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H3-29

200

m
cm.mgid.com/ Frame C762
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=mgid
https://cm.mgid.com/m?cdsp=43070&c=KRLOEIWM-20-F9S1

43 B
537 B

67ms
67ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=43070&c=KRLOEIWM-20-F9S1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:23 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9ec4b179-3d07-4b82-af6e-011005ba293a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbc02cfcf2a4-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.mgid.com/m?cdsp=43070&c=KRLOEIWM-20-F9S1
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H2 451 709414.gif
id.rlcdn.com/ Frame C762 0
66 B 111ms
50ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:23 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C762
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMfp1uWCZHoochVCrvztvDs&google_cver=1

42 B
691 B

46ms
46ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMfp1uWCZHoochVCrvztvDs&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMfp1uWCZHoochVCrvztvDs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C762
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Tq0iDdGhAbt1sR5bIE-rWsn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4103295404916597071

42 B
691 B

46ms
46ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4103295404916597071
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Tue, 27 Jul 2021 06:26:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4103295404916597071
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame C762 70 B
264 B 99ms
97ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C762
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JMT0VJV00tMjAtRjlTMQ==

170 B
188 B

71ms
70ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JMT0VJV00tMjAtRjlTMQ==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JMT0VJV00tMjAtRjlTMQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C762
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YP_nDwADQLQg-QA4
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YP_nDwADQLQg-QA4&_test=YP_nDwADQLQg-QA4

42 B
691 B

48ms
48ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YP_nDwADQLQg-QA4&_test=YP_nDwADQLQg-QA4
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1627367184.546933,VS0,VE0
x-served-by: cache-fra19179-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YP_nDwADQLQg-QA4&_test=YP_nDwADQLQg-QA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame C762
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=631d60ff-a70e-4e00-9b2c-2167ebefb48a

42 B
691 B

85ms
47ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=631d60ff-a70e-4e00-9b2c-2167ebefb48a
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

Date: Tue, 27 Jul 2021 06:26:13 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x28
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=631d60ff-a70e-4e00-9b2c-2167ebefb48a
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 27 Jul 2021 06:26:12 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame C762
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRLOEIWM-20-F9S1&sigv=1&esig=2~032c30b13064dde8a7e92ae00c3157ec034166eb

0
445 B

21ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRLOEIWM-20-F9S1&sigv=1&esig=2~032c30b13064dde8a7e92ae00c3157ec034166eb

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:23 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KRLOEIWM-20-F9S1&sigv=1&esig=2~032c30b13064dde8a7e92ae00c3157ec034166eb
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 50ms
50ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 27 Jul 2021 06:26:23 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 28ms
27ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210722&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d41c03bf6cb3a53b154e1c74ba1b301e413a8f7c8c76f3edea493617ef4b2b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Jul 2021 06:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8448
x-xss-protection: 0

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 69ms
69ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/OoDWFPYnpD

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 76f63e71920a960fec04cb45f9533fd5
date: Tue, 27 Jul 2021 06:26:23 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 06:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 27 Jul 2021 06:26:23 GMT

GET
H3-29 200 c
c.mgid.com/ 43 B
433 B 67ms
67ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=202|213|8|LB5zgMKgOzI0GUp9h2qzxk9f3wghoXbn9g3DfseEzMqdq86vTI2x15hzt0Vm4fLR&fw=1&extjs=66044&v=202|213|40|LB5zgMKgOzI0GUp9h2qzxmfxIohKgTQapH5U-J0tRKwpObhIl8z0D6uAewuBPeXQ&v=202|213|8|LB5zgMKgOzI0GUp9h2qzxnyVa3Js0Lr6R_JXvaX1tv1c-YSIWGwLMkmwQq73zV7s&v=202|213|8|LB5zgMKgOzI0GUp9h2qzxh7atdMgHrmjbNBx4PYjYgpn5wrN4KBHZwMfjcMa6MH4&cid=997452&h2=s6DTIq8_dmTag7EPnAov6d6lhdFi7APh64QfYtBqI0o*&rid=8fb843ae-eea3-11eb-a8db-d094662c1c35&tt=Direct&iv=11&pageImp=1&pvid=17ae6a48f51833970fd&cbuster=1627367183665586173605&tpl=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:23 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: ebedc0e0-1d31-41c1-a785-37f11292fd53
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbc1ffd1f2a4-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H3-29 200 c
c.mgid.com/ 43 B
434 B 66ms
65ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=202|213|8|LB5zgMKgOzI0GUp9h2qzxsu-wr3N0OJa-ePEtiJm6E_20DaG2-tPrqQ-akFdAP2w&fw=1&extjs=66044&v=202|213|8|LB5zgMKgOzI0GUp9h2qzxuXnmm5Q9Lv3jZG57x1OP0o2ei3cjzREYKTaznfY98jt&v=202|213|40|LB5zgMKgOzI0GUp9h2qzxs1YhRkAEQBsDBsGlTLquUeXq_6poO7x6o1jCJQBYn7Z&v=202|213|8|LB5zgMKgOzI0GUp9h2qzxjIdRfsank2YI8Lh79Nzy87cEQz-InYmTIGW7RRRxfKY&cid=997452&h2=s6DTIq8_dmTag7EPnAov6d6lhdFi7APh64QfYtBqI0o*&rid=8fb82fcb-eea3-11eb-a8db-d094662c1c35&tt=Direct&iv=11&pageImp=0&pvid=17ae6a48f51833970fd&cbuster=1627367183666537866923&tpl=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:23 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 764cf56b-7688-4ab1-b151-21641a63127f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbc1ffd3f2a4-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H3-29 200 c
c.mgid.com/ 43 B
434 B 67ms
67ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=90|203|24|LB5zgMKgOzI0GUp9h2qzxjIdRfsank2YI8Lh79Nzy86vurbrTYFQOGzD446GdUhA&fw=1&extjs=66044&v=90|203|24|LB5zgMKgOzI0GUp9h2qzxk9f3wghoXbn9g3DfseEzMr7DSEsRn4gz3qeolgUl4YX&cid=997452&h2=s6DTIq8_dmTag7EPnAov6d6lhdFi7APh64QfYtBqI0o*&rid=8fb88119-eea3-11eb-8dc9-d094662c24f7&tt=Direct&iv=11&pageImp=0&pvid=17ae6a48f51833970fd&cbuster=1627367183666166220929&tpl=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:23 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 86f3c5cb-1f47-43a8-96c2-d75f22dbc3de
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6753cbc1ffd7f2a4-WAW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 40B4 12 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 26 Jul 2021 19:05:01 GMT
expires: Tue, 26 Jul 2022 19:05:01 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 40882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FDCA 783 B
532 B 15ms
14ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8d13baa0a3bd066b9b225df3d5eb30cabfa9450f3d41e6c6ce646ae5fdb49d65

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-F7BApXmNfMjafaPSAUJsPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

expires: Tue, 27 Jul 2021 06:26:23 GMT
date: Tue, 27 Jul 2021 06:26:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-F7BApXmNfMjafaPSAUJsPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 1F0G3I6YlTVvecGNMd7Bu9yqy2V0Wx21RWer6UJxq00.js Show response
pagead2.googlesyndication.com/bg/ Frame 40B4 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1F0G3I6YlTVvecGNMd7Bu9yqy2V0Wx21RWer6UJxq00.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d45d06dc8e9895356f79c18d31dec1bbdcaacb65745b1db54567abe94271ab4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Jul 2021 10:53:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13212
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 15:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Jul 2022 10:53:00 GMT

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 152ms
50ms Preflight 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 27 Jul 2021 06:26:24 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
398 B 190ms
87ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

Date: Tue, 27 Jul 2021 06:26:24 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 27ms
27ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210722&jk=498366174570128&bg=!5uWl5aHNAAb7_-tu-_87ACkAdvg8WqQ3Q0Y3V9hFXh_GMOYzshf66JE3vUkjAEEc26dC7-k17MorWAIAAACDUgAAAA1oAQeZAnBOn1mtQIJs-_PIiWZ2gOtCG5_3oSSX1Rowx7Yypyz1fBxWNvk4fILHzV4883Wlx8Vhjm603NfBvDFsnCrNOsFvCrbpcAyiSPYylCWNo0HMXoG6RVBleTbwsyqJybDvVqpvzv1TmwSFCa99K2LR9TvW9kux4vVJk5s4v5w2kjaCsqBVACOrX6oAfBSUWkKO4fiBwo_RS72BUxnZcPc2L0fSH6aKsUdGj9n_Z9TI71TGGuLwNE-FvbwvAjWNmBnziHVtFKvx1me_gNpmB11U2TBu36KThnu71qPjvvecAhkOVuuDeP00gdvEi2NAibiY_a_xkcJaq_wpNRY0lYJvi__TCScjYY1yHqKZAD86CqSP4qAlearprJn8h66hKIITBwP_1Mq0tPNyBpwjgRuxsaG5xIaf_mnZIzBp3kjFn3LKaO-F7gmhvG309z_QzbdYb9Mt9RGyjnDzYF1UG7KSRz2hb2h4sfetFlEpTAe6CkB6CWeR20oTGWqosoArf4ElrPh0Rv6m0_edSEe-m7mThb7PwMHUxITSGvEVPWBG1DBg51KDYDQkD2WWPivxyO-AWKGGrKSf-aKzyWAtDuevwW95KXOECjNyP99Hh4O4DLeTGVEgfhqmP9TZtTkUijnxZb1ZArjCbpSOlLLlsZXFfYOJgfgOSZvazzHsBrnu-UlDzYidG6yE78qBwSDFeO8B9A1ATzlYXUHDPw3magpXIGzrxb8_POnpQk5dRHMVF6v4yCOEDBQdBm56f5WPnEQbkt-A0ztuR8d5gfIMIiraArnL9_ghQRiajouLsHsduI5zEWEEiPkvBn5vQN78rT6bknk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 06:26:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iq9mO5MAAiS79aPhaBv_dJSu8R7f9S_FYjo--Pz_FOwwDaEve8nEnGG2BnYIEBE_H6qjnzkb83y9sb3Ceb7YiXLuSpWZQbKOiBAlahuvenuO77vBgDV7QF_k1jntg82NabVJcIQNesxQ9JCtLkkWyzwJogzsBgpesV5jVdUX1hNfdEvmqLsCE42jlycTqP-uPLMKD...
itgiblean.com/impression/ 43 B
325 B 156ms
51ms Image
image/gif 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itgiblean.com/impression/iq9mO5MAAiS79aPhaBv_dJSu8R7f9S_FYjo--Pz_FOwwDaEve8nEnGG2BnYIEBE_H6qjnzkb83y9sb3Ceb7YiXLuSpWZQbKOiBAlahuvenuO77vBgDV7QF_k1jntg82NabVJcIQNesxQ9JCtLkkWyzwJogzsBgpesV5jVdUX1hNfdEvmqLsCE42jlycTqP-uPLMKDI9HZlJvt3V9JEFcaoQWNSwB_yJLejTMY35EZyYuADTJm0yV_BxV1AA0gGiErrUEUYiPbtY1_pzQQm7T9RuRFmZNJtvgHz3Iz0tfHBrKO33jPHoSdlNwGathpfcFj3kvng_yZmw7prAg8HBOO5FGCRMXZe0uF_Mf8ipuF-TMyEqAXczo0VC44hNz4e_IBRdIPYoQPVOIwo1f09XQNg==?_z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=12&pl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: fc171efe35277a86161abc2c32c9b62a
pragma: no-cache
date: Tue, 27 Jul 2021 06:26:32 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0987259079146.png
static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/ Frame FA49 3 KB
4 KB 52ms
52ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/e0/1e/8b/095d92770932e3a54460ad4ffd/0987259079146.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 06:26:32 GMT
Last-Modified: Thu, 15 Oct 2020 16:08:39 GMT
Server: nginx
ETag: "5f887407-c2f"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3119

GET
H2 204 3509488 Show response
inpagepush.com/500/ 0
441 B 54ms
54ms XHR
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=8093040&oaid=cc89975551c94947bd37dcc837958c5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=13&pl=https%3A%2F%2Fpaste.co.id%2FOoDWFPYnpD&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 4f69a4b389b7fd01761b04d176325cf6
pragma: no-cache
date: Tue, 27 Jul 2021 06:26:32 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 53ms
52ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 27 Jul 2021 06:26:32 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 04:48:23	Name: khaos Value: KRLOEIWM-20-F9S1
onmarshtompor.com/	1970-01-20 04:48:23	Name: OAID Value: 2d482b09776741bc983dbf074e2de088
.paste.co.id/	1970-01-19 20:02:47	Name: _gat_gtag_UA_174907544_1 Value: 1
.doubleclick.net/	1970-01-20 05:24:23	Name: IDE Value: AHWqTUmIWstyXD2K8Cxsg9iN-03kmfIfCNK3DNk07B5EUOdh3pYqOUN1CWbzOeAJYgE
.paste.co.id/	1970-01-19 20:02:50	Name: __PPU_BACKCLCK_3724584 Value: true
.paste.co.id/	1970-01-19 20:02:47	Name: _gat_gtag_UA_137362802_1 Value: 1
onmarshtompor.com/	1970-01-20 04:48:23	Name: oaidts Value: 1627367181
paste.co.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%2231PA6Zx9%2B%22%7D%2C%22C997452%22%3A%7B%22page%22%3A1%2C%22time%22%3A1627367182468%7D%7D
.paste.co.id/	1970-01-19 20:04:13	Name: _gid Value: GA1.3.165078949.1627367183
.rubiconproject.com/	1970-01-20 04:48:23	Name: audit Value: 1\|EEzwSnuoOg9tTB4WZL6ystHfAC00t7/dB+85TnR7VZo03R04lxyvW6PbzSsFECpwyYA8Ud9VvBrqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.paste.co.id/	1970-01-20 13:33:59	Name: _ga Value: GA1.3.191740207.1627367182
.paste.co.id/	1970-01-20 05:24:23	Name: __gads Value: ID=557ff34c68c3c34d-22c59ba678c9007f:T=1627367182:RT=1627367182:S=ALNI_MZ8_rXL1qqtvnD-Nh0uXH7YrRRzGg
paste.co.id/	1970-01-19 20:02:47	Name: prefetchAd Value: true
eus.rubiconproject.com/	1970-01-19 22:12:23	Name: pux Value: 1512%3D101407%262249%3D101407%262307%3D101407%262974%3D101407%263778%3D101407%26idl%3D101407%26goog%3D101407%26brx%3D101407%26
paste.co.id/	1970-01-19 20:02:54	Name: pasteshr_session Value: eyJpdiI6ImpcL1dwUXVHRWhFRHVDRTIxXC9wcUcydz09IiwidmFsdWUiOiJsMFJWMU5XSHAyY1U1OXppY3FuZWpPN1lOcUs0YzJ5YlVBd1NyVHRYdExhQm5DQ0MrVzVYSHNkRzhNOFA2WDRZIiwibWFjIjoiNWUxN2NjNWI2OTU2ZmUxNzQzYzZiNDJlMDNhNDZlZDVkNDM3ZGRmMzJmZDNkODM5ZWFmYmM5MDM2NWUyOTEwNyJ9
paste.co.id/	1970-01-19 20:02:54	Name: XSRF-TOKEN Value: eyJpdiI6IkcyQkltMW5RQTAxT01TMmJDK0pGaEE9PSIsInZhbHVlIjoiMWd2VEdZU29JWjRnV1JNVG5zOXg2Q0F1RnpGVUp6ZFFFZ1Q3ank1VENxamdjVW85UEFXWTlFbmQ2QWpXXC9sQTgiLCJtYWMiOiJjZDNhNTQxZmU0YWNjYWVhNDIwN2EzMTJiMDQxNGQ0MDMxNzc2YmYzNDA5Mzk5YjAxMDFjYTVmOWNjODE3NDkzIn0%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.betweendigital.com
ads.yahoo.com
adservice.google.com
adservice.google.de
bedrapiona.com
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dozubatan.com
eus.rubiconproject.com
googleads.g.doubleclick.net
iclickcdn.com
id.rlcdn.com
inpagepush.com
itgiblean.com
jsc.mgid.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
my.rtmark.net
o.wowreality.info
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
paste.co.id
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pseepsie.com
s-img.mgid.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
static.cdnativepush.com
static.lalaping.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.e-volution.ai
sync.mathtag.com
toglooman.com
token.rubiconproject.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.qrcoder.co.uk
x.bidswitch.net
104.109.78.125
104.16.199.73
104.19.132.78
104.19.135.78
104.19.216.61
109.203.125.88
109.206.188.82
13.224.111.48
13.248.242.197
139.45.195.254
139.45.195.8
139.45.196.136
139.45.196.145
139.45.197.156
139.45.197.234
139.45.197.237
139.45.197.239
139.45.197.243
142.250.184.226
142.250.185.162
151.101.14.49
185.184.8.65
185.29.132.245
188.42.191.196
2.19.35.65
2606:4700:20::681a:97b
2606:4700:20::ac43:4b09
2606:4700::6810:125e
2606:4700::6810:135e
2606:4700::6812:bcf
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:801::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:400c:c04::9b
35.157.197.70
35.244.174.68
5.189.137.168
69.173.144.139
69.173.144.165
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d57b802101603ae1bbb2ffc98a47acd5bb7260be32a9d76a53b629bb1993cb7
116e11b0e60d3fbee191c04447957deeaac6bc02604b29abefa1bf0b3a7ab3bb
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16d2eac72467e8931e76a59088381521c469cd08de7884eb65442a9a7744256b
19a878ba4d23ea5e0c3f0cfbb843c4fde17a25335f0de62878754cd5fdebb6ec
246160119eacd0b407d3575c76beb79d24a3c3decd756a8ea3c4516b181de05f
2497f87f8f77979dd57ff8ff4035ae2951c56ea331ad393cc8771c270e8967dc
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2ac05781d1a4eec5d40e9b668ee97489a3c6adc8104e4f7610ce2f07b02cb2e7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ae2fd037e35d04a7e678afb4bb2b9883477809cbbf59574c847dcc468bd0428
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2e2e3b1721d42b94fab9b9c017c27045e7c25fbc6a7e0fb943e0ef101a7cb8ec
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
33a196c6910d721f6ac26ea2e8d1edaf0d6723f0b23464ea6b18d3c90b93bd4f
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5362095703d6cf47a8ebe3c02e9f5b46e43d322f7152da10bfaaceaed202a0f5
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5cd7c348a49eaa1d24807d61a7e8274c519b4dd9816886255e25ee7e0f6a207b
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
6483200efaa4fc140b0b531e6ed55546a1f6d6af6b4142cd30643493049868f3
653c87ed6c7eb7fe23dfc3bbe5ab1799cba3bd1bbda3ad2748439fc61c70ce9b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
727d06f38b813004baa0b6a9c96c24e2bce04b7be4c05f9486499f4250f9a772
72ea2a1ea3bfcfcf509c1f07a70015b4a4e7b08197643661eae97d56a940d4b0
72f4f2e969c8e5abc9f281cff28bddf2496dc4e324a506ce87a7193951887550
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
74463bf4caecd06c992223a01003aca0cdacdc2a3d43416e6aedf68eb6a98187
775f660b2af8a84c59413b476b7f1ba44727f78ef31ea71bc123c2a6901106e4
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
877141587e7fa710884d5778207eb9e292a99d4248852363f6c11255dbb8ad4c
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8d13baa0a3bd066b9b225df3d5eb30cabfa9450f3d41e6c6ce646ae5fdb49d65
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3a2e9e361fe012b08a036f27f382d92bea9fa293bf52198580ddfe0c8c5c99
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
9796c28c9c165b89f7f52bbea0eaeeff39e0108f905e56409e89c4452a0e2bb8
982ad5595ec22477308c719730592c9b3be1863cb955a85ccfc3e73583b438e9
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a505a0ff6bdf721f980d4924565d1f1ac66d3a383fc8728cf91a8206a5bcec48
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7b390dbf936b5c94f0880aaba33257df65c879b6088b40f358f514e774d1d0c
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab2ce846645a378c14a61fb0d42a9ef4078e67db914d2d85ecd47c855fecfcc0
abdc900d43b95f09df54d547a03fc9f1f7bc9510e1e53108ac4cc6462c4c0f4e
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b2ebc73c4f4a34ef3e31ace85c57c0897252615aa7aeab54e05f41d777f302dc
b34a3eee1bdc965572daca0b5c0b6f606f64767a53f696e967fcdda1e54008a6
b4ac644803de23d3f8e60d6eb1bfec6c182214bb78c2cba1e0efeefe0bb95234
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b7f3ab4800b7426f12036618e23de1025757ef36a3683ca3c76258b182a1f66e
b8c3f71afbeeed7e2dd4c4f436a8f1b75b8cc09a9849ef2f842016500d0f4788
b96dd4948a653a14d12bdbe662db0ea7e0cb5fe759faa34adc9ca88bbf34988b
c025b0c96d84f453c00cac0f8fa1deedff968fa148aed3d0e06ebbe8084f17c6
c073ed097b0ca3d129f4372bfaa435a22beda0eaea4718196903f62f934f5eb2
c25048cebbb01555c35281d80dfd6d8adb21ccd16d26ce1546e1364eef444f64
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c66c096f2349da27f6d8e9c868057e795cef3ba47c5978ed9135f1d11ba17a0c
c82db013fed13514116da0fca58e0a4ee83721d82a892d7ddab12cf2461aa2b0
c9c11c224bfec6f529527299f7d3a0495399c30b2fb642d6d2ffd46ec6504710
ca24e2680f2545b64cfd196089e9e5ac5a3b6c9eec852492210239bb07402904
d41c03bf6cb3a53b154e1c74ba1b301e413a8f7c8c76f3edea493617ef4b2b90
d45d06dc8e9895356f79c18d31dec1bbdcaacb65745b1db54567abe94271ab4d
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
dbe0619c2e857302b7ead07287208fba0580b071684e64f7e4fe31afd99733da
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecea4b30252d5bc011c7f9cafcac4239a9eb11f2dd8cd9dbc073073f875e8af8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd7cbcfcdce4e767127a44fdabc54fe1703cad708422c0054796cb902c9d0780
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

paste.co.id Open in urlscan Pro 5.189.137.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

137 Requests

100 %HTTPS

35 %IPv6

39 Domains

54 Subdomains

38 IPs

7 Countries

1512 kBTransfer

3791 kBSize

16 Cookies

59 Outgoing links

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

100 %
HTTPS

35 %
IPv6

39
Domains

54
Subdomains

38
IPs

7
Countries

1512 kB
Transfer

3791 kB
Size

16
Cookies

137 HTTP transactions
2 data transactions