urlscan.io logo urlscan.io
SecurityTrails logo

paste.co.id Open in urlscan Pro
5.189.137.168  Public Scan

Go To Rescan Add Verdict Report
URL: https://paste.co.id/RtqoVy3Ejo
Submission Tags: falconsandbox
Submission: On October 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 7 countries across 39 domains to perform 151 HTTP transactions. The main IP is 5.189.137.168, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is paste.co.id.
TLS certificate: Issued by R3 on September 23rd 2021. Valid for: 3 months.
This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 5.189.137.168 51167 (CONTABO)
2 104.18.11.207 13335 (CLOUDFLAR...)
4 104.16.18.94 13335 (CLOUDFLAR...)
7 142.250.186.98 15169 (GOOGLE)
4 139.45.197.237 9002 (RETN-AS)
13 139.45.197.250 9002 (RETN-AS)
20 104.19.136.78 13335 (CLOUDFLAR...)
1 109.203.125.88 31727 (NODE4-AS)
2 142.250.185.168 15169 (GOOGLE)
1 104.26.13.118 13335 (CLOUDFLAR...)
2 142.250.185.98 15169 (GOOGLE)
1 139.45.197.234 9002 (RETN-AS)
1 142.250.186.162 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
6 139.45.197.239 9002 (RETN-AS)
1 139.45.197.243 9002 (RETN-AS)
3 142.250.185.110 15169 (GOOGLE)
4 139.45.195.8 9002 (RETN-AS)
1 104.26.8.123 13335 (CLOUDFLAR...)
1 74.125.140.157 15169 (GOOGLE)
7 142.250.186.36 15169 (GOOGLE)
1 139.45.197.188 9002 (RETN-AS)
5 139.45.197.162 9002 (RETN-AS)
3 139.45.197.240 9002 (RETN-AS)
4 172.67.10.98 13335 (CLOUDFLAR...)
2 142.250.184.225 15169 (GOOGLE)
24 104.19.133.78 13335 (CLOUDFLAR...)
1 178.162.156.35 60781 (LEASEWEB-...)
2 5 143.204.98.87 16509 (AMAZON-02)
1 62.149.0.36 15497 (COLOCALL ...)
1 3 23.37.42.132 16625 (AKAMAI-AS)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 104.16.221.74 13335 (CLOUDFLAR...)
2 2 35.212.212.222 15169 (GOOGLE)
1 1 172.217.18.98 15169 (GOOGLE)
5 5 52.29.120.182 16509 (AMAZON-02)
1 1 87.98.128.108 16276 (OVH)
1 1 109.206.161.21 50245 (SERVEREL-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 5.135.96.59 16276 (OVH)
2 2 76.223.111.131 16509 (AMAZON-02)
1 104.19.217.61 13335 (CLOUDFLAR...)
1 69.173.144.138 26667 (RUBICONPR...)
2 139.45.195.254 9002 (RETN-AS)
1 1 62.149.0.72 15497 (COLOCALL ...)
151 38
16    5.189.137.168 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi465240.contaboserver.net
paste.co.id
2    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
pagead2.googlesyndication.com
4    139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)
inpagepush.com
dozubatan.com
13    139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)
seeptoag.net
pseepsie.com
20    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
1    109.203.125.88 (United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: server.switchtowood.co.uk
www.qrcoder.co.uk
2    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
1    104.26.13.118 (United States)

ASN13335 (CLOUDFLARENET, US)
iclickcdn.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads.g.doubleclick.net
1    139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)
bedrapiona.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
adservice.google.com
6    139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)
toglooman.com
1    139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)
onmarshtompor.com
3    142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net
www.google-analytics.com
4    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    104.26.8.123 (United States)

ASN13335 (CLOUDFLARENET, US)
static.lalaping.com
1    74.125.140.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f157.1e100.net
stats.g.doubleclick.net
7    142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net
www.google.com
1    139.45.197.188 (United Kingdom)

ASN9002 (RETN-AS, GB)
static.cdnativepush.com
5    139.45.197.162 (United Kingdom)

ASN9002 (RETN-AS, GB)
interst12.com
3    139.45.197.240 (United Kingdom)

ASN9002 (RETN-AS, GB)
propeller-tracking.com
4    172.67.10.98 (United States)

ASN13335 (CLOUDFLARENET, US)
littlecdn.com
2    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
tpc.googlesyndication.com
24    104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    178.162.156.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com
perf.cdnads.com
5    143.204.98.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net
sb.scorecardresearch.com
1    62.149.0.36 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: cc86365-05.cc.colocall.com
s.adtelligent.com
3    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
1    104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
1    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
cm.g.doubleclick.net
5    52.29.120.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-120-182.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    87.98.128.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-87-98-128.eu
green.erne.co
1    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    5.135.96.59 (France)

ASN16276 (OVH, FR)
dispatcher.adxcore.com
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)
o.wowreality.info
1    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
Apex Domain
Subdomains		 Transfer
44 mgid.com
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
cm.mgid.com
461 KB
16 paste.co.id
paste.co.id
410 KB
10 seeptoag.net
seeptoag.net
64 KB
9 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
229 KB
8 google.com
adservice.google.com
www.google.com
36 KB
6 toglooman.com
toglooman.com
130 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
11 KB
5 scorecardresearch.com
sb.scorecardresearch.com
3 KB
5 interst12.com
interst12.com
159 KB
4 littlecdn.com
littlecdn.com
35 KB
4 rtmark.net
my.rtmark.net
2 KB
4 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
11 KB
4 cloudflare.com
cdnjs.cloudflare.com
49 KB
3 propeller-tracking.com
propeller-tracking.com
4 KB
3 google-analytics.com
www.google-analytics.com
20 KB
3 pseepsie.com
pseepsie.com
44 KB
3 inpagepush.com
inpagepush.com
32 KB
2 wowreality.info
o.wowreality.info
398 B
2 adsrvr.org
match.adsrvr.org
904 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
758 B
2 creativecdn.com
creativecdn.com
687 B
2 adtelligent.com
s.adtelligent.com
sync.adtelligent.com
1 KB
2 googletagmanager.com
www.googletagmanager.com
77 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com
84 KB
1 lentainform.com
cm.lentainform.com
495 B
1 adxcore.com
dispatcher.adxcore.com
260 B
1 e-volution.ai
sync.e-volution.ai
463 B
1 erne.co
green.erne.co
298 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 cdnads.com
perf.cdnads.com
323 B
1 cdnativepush.com
static.cdnativepush.com
1 KB
1 lalaping.com
static.lalaping.com
34 KB
1 onmarshtompor.com
onmarshtompor.com
833 B
1 dozubatan.com
dozubatan.com
30 KB
1 googleadservices.com
partner.googleadservices.com
655 B
1 bedrapiona.com
bedrapiona.com
2 KB
1 iclickcdn.com
iclickcdn.com
22 KB
1 qrcoder.co.uk
www.qrcoder.co.uk
151 39
Domain Requested by
24 s-img.mgid.com jsc.mgid.com
16 paste.co.id paste.co.id
cdnjs.cloudflare.com
10 seeptoag.net paste.co.id
seeptoag.net
8 cm.mgid.com jsc.mgid.com
s.adtelligent.com
7 www.google.com paste.co.id
tpc.googlesyndication.com
7 pagead2.googlesyndication.com paste.co.id
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 toglooman.com iclickcdn.com
toglooman.com
5 x.bidswitch.net 5 redirects
5 sb.scorecardresearch.com 2 redirects jsc.mgid.com
5 interst12.com toglooman.com
interst12.com
4 cdn.mgid.com paste.co.id
jsc.mgid.com
4 littlecdn.com interst12.com
4 my.rtmark.net paste.co.id
inpagepush.com
onmarshtompor.com
4 cdnjs.cloudflare.com paste.co.id
3 servicer.mgid.com jsc.mgid.com
3 propeller-tracking.com interst12.com
propeller-tracking.com
3 c.mgid.com jsc.mgid.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 pseepsie.com iclickcdn.com
pseepsie.com
3 inpagepush.com paste.co.id
inpagepush.com
2 o.wowreality.info static.lalaping.com
2 match.adsrvr.org 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 creativecdn.com 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.googletagmanager.com paste.co.id
www.googletagmanager.com
2 jsc.mgid.com paste.co.id
jsc.mgid.com
2 maxcdn.bootstrapcdn.com paste.co.id
maxcdn.bootstrapcdn.com
1 sync.adtelligent.com 1 redirects
1 token.rubiconproject.com eus.rubiconproject.com
1 cm.lentainform.com
1 dispatcher.adxcore.com
1 pixel.rubiconproject.com
1 sync.e-volution.ai 1 redirects
1 green.erne.co 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 cm.idealmedia.io
1 secure-assets.rubiconproject.com 1 redirects
1 s.adtelligent.com cm.mgid.com
1 perf.cdnads.com
1 static.cdnativepush.com paste.co.id
1 stats.g.doubleclick.net www.google-analytics.com
1 static.lalaping.com toglooman.com
1 onmarshtompor.com iclickcdn.com
1 dozubatan.com iclickcdn.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 bedrapiona.com iclickcdn.com
1 iclickcdn.com paste.co.id
1 www.qrcoder.co.uk paste.co.id
151 52

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
indico.slac.stanford.edu
portfolium.com
newyorkirisharts.com
Subject Issuer Validity Valid
paste.co.id
R3		 2021-09-23 -
2021-12-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
inpagepush.com
R3		 2021-09-27 -
2021-12-26		 3 months crt.sh
seeptoag.net
R3		 2021-08-11 -
2021-11-09		 3 months crt.sh
qrcoder.co.uk
cPanel, Inc. Certification Authority		 2021-08-14 -
2021-11-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
bedrapiona.com
R3		 2021-10-02 -
2021-12-31		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
dozubatan.com
R3		 2021-08-10 -
2021-11-08		 3 months crt.sh
pseepsie.com
R3		 2021-08-16 -
2021-11-14		 3 months crt.sh
toglooman.com
R3		 2021-09-07 -
2021-12-06		 3 months crt.sh
onmarshtompor.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-03 -
2022-11-03		 a year crt.sh
*.rtmark.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-27 -
2021-11-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
cdnativepush.com
R3		 2021-10-02 -
2021-12-31		 3 months crt.sh
interst12.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
propeller-tracking.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-05 -
2021-11-05		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.cdnads.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-07 -
2021-11-23		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-05 -
2021-11-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.adxcore.com
Gandi Standard SSL CA 2		 2021-01-23 -
2022-01-23		 a year crt.sh
wowreality.info
R3		 2021-07-30 -
2021-10-28		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://paste.co.id/RtqoVy3Ejo
Frame ID: A87DCBB9C617232853EDBC086DD5DC71
Requests: 119 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Frame ID: E45786DEAAEC9FB681943B84B418262B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1633346144&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633346143956&bpp=4&bdt=709&idt=164&shv=r20210928&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3352552872611&frm=20&pv=2&ga_vid=1396786116.1633346144&ga_sid=1633346144&ga_hid=545764995&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C31062987&oid=2&pvsid=3333470347671981&pem=440&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
Frame ID: C09B03DA0298E1B76F8025B69E074661
Requests: 1 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=412528682df644ae98cbd2b03e73620c&oaidts=1633346144
Frame ID: BBBC78E532E4F9E82DA06CCD909C473C
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: C216F749B8DC5EFDB11BF3053F1B4E03
Requests: 1 HTTP requests in this frame

Frame: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Frame ID: B52EAF305ABA545EEE4BCA0824396232
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EF1A2FBB1CF79EDA258ADDC65660613E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 605C5EA8EFBD29F8AB9153F855790FAD
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1633346145194804290480
Frame ID: E77B2A073EF5C2CFA739088DF3BF1C2A
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: C86E7A50CF2D96D352C3CEFD125B6906
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: AC794706BEA41539AB49637DC3AF9947
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Untitled - Paste.co.id

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:ad\.advertstream\.com|adxcore\.com)
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • prism\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

151
Requests

100 %
HTTPS

0 %
IPv6

39
Domains

52
Subdomains

38
IPs

7
Countries

1952 kB
Transfer

4275 kB
Size

44
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 132
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 133
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=vILCnOO8FkDyByRDnGZj&pi=mgid&tc=1
Request Chain 135
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=43907ff8-2ccd-489b-b0ff-5bf657ff135c
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDk0SUpzV2g3bGY0&muidn=l94IJsWh7lf4 HTTP 302
  • https://cm.mgid.com/google?muidn=l94IJsWh7lf4&google_ula={guid},5&google_gid=CAESEOnZhFu5zs61xjQdtXsz8PI&google_cver=1
Request Chain 137
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=682H0CUJBRjCXTMwoTAMXlxj&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=a4b8569b-e946-41bc-aa84-667f96ed1ccc&gdpr=&gdpr_consent=&us_privacy=
Request Chain 138
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l94IJsWh7lf4 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Request Chain 139
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l94IJsWh7lf4 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l94IJsWh7lf4 HTTP 302
  • https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=a4b8569b-e946-41bc-aa84-667f96ed1ccc
Request Chain 140
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=efffffe0-07b1-4074-bdbc-e42b161a659f&ttl=1635938145
Request Chain 142
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1633346145252&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1633346145252&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9=
Request Chain 143
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1633346145253&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1633346145253&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9=
Request Chain 148
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=617666&c=92355d3b9c26d420

151 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request RtqoVy3Ejo
paste.co.id/ 		85 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
16e65f665cc49772865d5e46455f2ef7a11a15cbc0962f43f98837f6c5e46ae5

Request headers

:method
GET
:authority
paste.co.id
:scheme
https
:path
/RtqoVy3Ejo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
x-ratelimit-limit
60
x-ratelimit-remaining
59
set-cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; expires=Mon, 04-Oct-2021 13:15:43 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9; expires=Mon, 04-Oct-2021 13:15:43 GMT; Max-Age=7200; path=/; httponly
content-encoding
gzip
vary
Accept-Encoding
content-length
24939
date
Mon, 04 Oct 2021 11:15:43 GMT
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723, 617
age
5238777
cdn-cachedat
2021-07-24 08:09:23
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
40b2c5e257c44c41b18e54bb6d5c182e
cf-ray
698dfe73afdb5c38-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
bootstrap.min.css
paste.co.id/css/ 		138 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/css/bootstrap.min.css
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

:path
/css/bootstrap.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/RtqoVy3Ejo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
last-modified
Thu, 08 Nov 2018 15:15:02 GMT
server
LiteSpeed
etag
"22688-5be452f6-4a15aa;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
18560
expires
Mon, 11 Oct 2021 11:15:43 GMT
mdb.min.css
paste.co.id/css/ 		226 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/css/mdb.min.css
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

:path
/css/mdb.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/RtqoVy3Ejo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
last-modified
Thu, 08 Nov 2018 15:15:02 GMT
server
LiteSpeed
etag
"38940-5be452f6-4a15a9;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
22616
expires
Mon, 11 Oct 2021 11:15:43 GMT
select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
925868
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1624
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-3b5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uj5Ni8NswGZvkB4PviJxWEBLAuHZFaevuAdsL%2BceAXpyVXMaRk68rr9xMq%2FXaBvcUgeHPEGWEx7JaQjmC8mUPnmq81kKkRJiO6yAvrCAf15bg2FinSwXZwVVF9y85VSLG3qt6CwD"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
698dfe738bc86910-FRA
expires
Sat, 24 Sep 2022 11:15:43 GMT
special.min.css
paste.co.id/css/skins/ 		3 KB
866 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/css/skins/special.min.css
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Request headers

:path
/css/skins/special.min.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/RtqoVy3Ejo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
last-modified
Wed, 24 Apr 2019 12:08:22 GMT
server
LiteSpeed
etag
"bab-5cc051b6-5052d5;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
778
expires
Mon, 11 Oct 2021 11:15:43 GMT
app.min.css
paste.co.id/css/ 		648 B
311 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/css/app.min.css?v=1.2
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

:path
/css/app.min.css?v=1.2
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/RtqoVy3Ejo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
last-modified
Fri, 05 Jun 2020 17:06:52 GMT
server
LiteSpeed
etag
"288-5eda7bac-4a15ad;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
222
expires
Mon, 11 Oct 2021 11:15:43 GMT
prism-okadia.css
paste.co.id/plugins/prismjs/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

:path
/plugins/prismjs/prism-okadia.css
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/RtqoVy3Ejo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
last-modified
Tue, 29 Jan 2019 22:43:52 GMT
server
LiteSpeed
etag
"326d-5c50d728-4c4795;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3354
expires
Mon, 11 Oct 2021 11:15:43 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
27b4d85d3016db92789e051bb3ea9ff8f76a8e7edc555f279138e2903205384c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51131
x-xss-protection
0
server
cafe
etag
15443021075126367024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 11:15:43 GMT
3509488
inpagepush.com/400/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inpagepush.com/400/3509488
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
dca2e5087612e2bf4420ce4fcd117fa4b2f20ae6ac67f9469c9e6fe45169907a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
2aa458e062d101046635f860213cce39
pragma
no-cache
date
Mon, 04 Oct 2021 11:15:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
ntfc.php
seeptoag.net/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://seeptoag.net/ntfc.php?p=3534037
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e9cd157aaf539ecdef6120adb67acd9230c5ef7223133493e2339be589a71ff7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:39 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 13:22:43 GMT
server
nginx
etag
W/"6155ba23-3b23"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
default-avatar.png
paste.co.id/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paste.co.id/img/default-avatar.png
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

:path
/img/default-avatar.png
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/RtqoVy3Ejo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
last-modified
Wed, 28 Nov 2018 16:58:44 GMT
server
LiteSpeed
etag
"1b2d-5bfec944-90052b;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
6957
expires
Mon, 11 Oct 2021 11:15:43 GMT
paste.co.id.997452.js
jsc.mgid.com/p/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79608ed044b1bf4569cf31dcd176a26f53c471a03970ed70464412da09e82ecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
cf-cache-status
HIT
age
6397
last-modified
Wed, 08 Sep 2021 08:19:02 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
NVEV87EKW60AHYZ9
x-amz-id-2
x0u/lUat5DtMvU8qO5SPR52R0aKLrmsHclPyWE8rtV9Kyl20SiYsmuUqBOEtWW6jcrIcp0uM9CM=
cf-bgj
minify
server
cloudflare
etag
W/"dea68416d34cb5dd06911963861adb91"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
698dfe749b39697f-FRA
expires
Mon, 04 Oct 2021 14:15:43 GMT
/
www.qrcoder.co.uk/api/v1/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
109.203.125.88 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS
server.switchtowood.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
921281
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27433
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFRwjBny3w%2BTvkaR6DLjSCmQmK6shezq7xhWLEgKVPKBrgse%2BD8f4ip0%2FyvIpLTg4TeLXZwuNac4LA31llDBUJyyZTnLuEdU5g%2BtJVblvJ2e1JYBXF%2BZnFCsix00qQmzXPdkQ5ed"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
698dfe73bc236910-FRA
expires
Sat, 24 Sep 2022 11:15:43 GMT
bootstrap.min.js
paste.co.id/js/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/js/bootstrap.min.js
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

:path
/js/bootstrap.min.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/RtqoVy3Ejo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
last-modified
Thu, 08 Nov 2018 15:15:02 GMT
server
LiteSpeed
etag
"c75f-5be452f6-4418f5;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
13341
expires
Mon, 11 Oct 2021 11:15:43 GMT
mdb.min.js
paste.co.id/js/ 		204 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/js/mdb.min.js?v=2
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

:path
/js/mdb.min.js?v=2
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/RtqoVy3Ejo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
last-modified
Tue, 29 Jan 2019 22:15:46 GMT
server
LiteSpeed
etag
"331d6-5c50d092-441907;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
60235
expires
Mon, 11 Oct 2021 11:15:43 GMT
select2.min.js
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 		65 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2304695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15668
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fcb-1042e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dm2c8lWMTQbVsOYAvGIEG6YHx8W1I1xOkr%2FEBGxGxycFpX6u4wuDypejCXZEkWU6Ih3TVlyzHmiuU6G9WM5sxEVgc%2BIEGVvnkT7zaTZGqIXqeAhQHJhNrlU1h3iTAaLBayG4pg6Q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
698dfe743df842d5-FRA
expires
Sat, 24 Sep 2022 11:15:43 GMT
ads.js
paste.co.id/js/ 		22 B
85 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/js/ads.js
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Request headers

:path
/js/ads.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/RtqoVy3Ejo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
last-modified
Sat, 14 Mar 2020 00:25:06 GMT
server
LiteSpeed
etag
"16-5e6c2462-441908;;;"
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
22
expires
Mon, 11 Oct 2021 11:15:43 GMT
app.min.js
paste.co.id/js/ 		1 KB
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/js/app.min.js?v=1.5
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

:path
/js/app.min.js?v=1.5
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/RtqoVy3Ejo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
last-modified
Sat, 14 Mar 2020 00:34:12 GMT
server
LiteSpeed
etag
"5b0-5e6c2684-4418f7;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
643
expires
Mon, 11 Oct 2021 11:15:43 GMT
prism.js
paste.co.id/plugins/prismjs/ 		328 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/plugins/prismjs/prism.js
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

:path
/plugins/prismjs/prism.js
pragma
no-cache
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/RtqoVy3Ejo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
last-modified
Sat, 24 Nov 2018 17:17:38 GMT
server
LiteSpeed
etag
"521a1-5bf987b2-4c4790;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
114523
expires
Mon, 11 Oct 2021 11:15:43 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-174907544-1
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3ccd7b6c64ba4b71f0db9d2002d589e0a15cd567536891dc87fe90063264d365
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38984
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Oct 2021 11:15:43 GMT
tag.min.js
iclickcdn.com/ 		62 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://iclickcdn.com/tag.min.js
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*
age
83827
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-trace-id
ee73ff9a2a2d698703ce362cc1312cab
pragma
no-cache
last-modified
Sat, 02 Oct 2021 15:05:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWFn8RIMW6krw8%2BbQ1Ij28HzE7A5h%2BxoUCz%2BjT1MbY9L2dZhFjLt9ZlSwmqpcP5uul4G1sQW0SPb64vjgaQJVXtuHtf6g6aLJdg%2Fj6bjQKpU4UxlysQak5%2F7gVu57A0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
698dfe749cdc4125-PRG
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Mon, 04 Oct 2021 11:58:36 GMT
Roboto-Light.woff2
paste.co.id/font/roboto/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by
Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

sec-fetch-mode
cors
origin
https://paste.co.id
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
:path
/font/roboto/Roboto-Light.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
paste.co.id
referer
https://paste.co.id/css/mdb.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://paste.co.id/css/mdb.min.css
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
last-modified
Thu, 08 Nov 2018 15:15:02 GMT
server
LiteSpeed
etag
"c0e4-5be452f6-900467;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
49380
expires
Mon, 11 Oct 2021 11:15:43 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617, 617
age
6776285
cdn-cachedat
2021-06-08 21:27:38
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
cdafe510690689dc875ca0596a5bcb9b
accept-ranges
bytes
cf-ray
698dfe7458626921-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
Roboto-Regular.woff2
paste.co.id/font/roboto/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by
Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

sec-fetch-mode
cors
origin
https://paste.co.id
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
:path
/font/roboto/Roboto-Regular.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
paste.co.id
referer
https://paste.co.id/css/mdb.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://paste.co.id/css/mdb.min.css
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
last-modified
Thu, 08 Nov 2018 15:15:02 GMT
server
LiteSpeed
etag
"c054-5be452f6-900463;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
49236
expires
Mon, 11 Oct 2021 11:15:43 GMT
Roboto-Bold.woff2
paste.co.id/font/roboto/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by
Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

sec-fetch-mode
cors
origin
https://paste.co.id
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
:path
/font/roboto/Roboto-Bold.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
paste.co.id
referer
https://paste.co.id/css/mdb.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://paste.co.id/css/mdb.min.css
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
last-modified
Thu, 08 Nov 2018 15:15:02 GMT
server
LiteSpeed
etag
"c338-5be452f6-900465;;;"
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
49976
expires
Mon, 11 Oct 2021 11:15:43 GMT
clipboard.min.js
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js
Requested by
Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4021229
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2905
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:13 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e29-29a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntb9LKzfQdDI%2Fk5Jkq3jyeshkSf8rb4HjeHABYaJX5YZmd%2BA7SGmjNPZgwhSDQjSmjyuMjZg1vRI31dIMil4wl0GH%2BrrpkarVrZeNtlhOAX7I05NdLFqy3kBlrCbaSHhLKAblM%2FL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
698dfe776d0342d5-FRA
expires
Sat, 24 Sep 2022 11:15:43 GMT
zone
seeptoag.net/ 		698 B
982 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=
Requested by
Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b0edd8524eb10deb5eff33156f13c08bef26fdb2042fbbdabab02a7351d7c354
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
992031a4b19a0b210b5ac83f7b624384
date
Mon, 04 Oct 2021 11:15:40 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste.co.id
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
698
universal.min.js
seeptoag.net/pfe/current/ 		101 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://seeptoag.net/pfe/current/universal.min.js?v=3.1.325
Requested by
Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3b71cafee3aa748879b39914c46091d269605071c131adc9ef37309749e8f1fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 13:22:48 GMT
server
nginx
etag
W/"6155ba28-195b8"
content-type
application/javascript
access-control-allow-origin
https://paste.co.id
cache-control
no-cache
access-control-allow-credentials
true
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 		257 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
cc7b69dce7a199a83f41f4f0f14c3955c09788a452a9abc2aa5924ad984ee513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97174
x-xss-protection
0
server
cafe
etag
16831716765010033174
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 11:15:43 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/ Frame E457 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210928/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://paste.co.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 03 Oct 2021 23:06:38 GMT
expires
Sun, 17 Oct 2021 23:06:38 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
age
43746
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
get-paste
paste.co.id/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://paste.co.id/get-paste
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi465240.contaboserver.net
Software
LiteSpeed /
Resource Hash
87cd87744aa5873314feb68c3124765070bb2a4e7dfeef23b23ab4c67e7e6312

Request headers

sec-fetch-mode
cors
origin
https://paste.co.id
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
XSRF-TOKEN=eyJpdiI6IlJKbVhENU9SRTBGaGt2MlZWaUlTMmc9PSIsInZhbHVlIjoiVld3djcrcGQ3am50SXhRVFhRRXNCc25QZlhBUmUwRnRodDg1UzdzZjR6ZktqTVRrZXkzM0lZWThVUTREWFNCUCIsIm1hYyI6ImZiMTk3YzI2YTgxYjI5YWI1ZGM0MWMxMDk1NGRjNzFkZWQ1YzZkYjlhYTAxZTExZTJiOGNmYjBlOTBlYzI5ODAifQ%3D%3D; pasteshr_session=eyJpdiI6IlJ4U0g5U3NnVjdqZ2t2YW1FWWxFblE9PSIsInZhbHVlIjoiaURmYkFIYmlJQnFVR0RSRklwdlhYWDRscTgzODN4QWtvNXE2ZTJKaFdtT3N0Ym9kckFIQjRcL2h1elwvc25xMUlDIiwibWFjIjoiMTg3NDE3YWQ4MWJkMjkyNzhiZmNiMDJmNjQ4ZGVhN2YwNGIzNzNkMWI0YjZjYWFhZjA1OGQxYTUxMjc3M2U5NiJ9
content-length
63
:path
/get-paste
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
paste.co.id
referer
https://paste.co.id/RtqoVy3Ejo
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://paste.co.id/RtqoVy3Ejo
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
server
LiteSpeed
x-ratelimit-remaining
58
content-type
application/json
cache-control
no-cache, private
x-ratelimit-limit
60
set-cookie
XSRF-TOKEN=eyJpdiI6Inozbm1FdWRHZ1hmbW1abHZLaWtFQXc9PSIsInZhbHVlIjoiVjNTOGpPXC82Mm93emdYXC9FcGZOWkpBTmZGcHFJZGdQU09jV2J4TVJjM2Z2S0hxSzlPNWdiQWEzVnRNcEFiRHZCIiwibWFjIjoiY2Y1YjFhYjQzYTZlOWQ0ZDYyODYwYWM4NTNjNmRjNjllZDc4ZWU0NjQ2NDQ2NmIyNzE0MDFjNzFkZmZmN2Q4MCJ9; expires=Mon, 04-Oct-2021 13:15:45 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6InRCU0JOaTV2WGFhODROV1RoZG1Vd0E9PSIsInZhbHVlIjoiQlh3OEhpY2liT3l2dU5JdnpZZGM0dFwvdlhkNVRoKzd5Qk1xXC94SUFva1RDZlI0bzN5bzVCUXBqb2ZYeGo3ZWNzIiwibWFjIjoiNDA0OTAzMzJmOTgyMTI3YWI3NTQxOTExZDA5MWEzNGEyZGIzOWRmMGU5ZWZkZjQ5MjU0MzI4NDZjNDhmOTUzOSJ9; expires=Mon, 04-Oct-2021 13:15:45 GMT; Max-Age=7200; path=/; httponly
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
2221
paste.co.id.997452.es6.js
jsc.mgid.com/p/a/ 		232 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86d346d04ac4304fa681a2a2ab854cf156cbae19ff35a188cc600cc5d0d03164

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
br
cf-cache-status
HIT
age
6397
last-modified
Wed, 08 Sep 2021 08:19:02 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
VDCYMPX6QNSQHBRE
x-amz-id-2
VvWyKt7bSDDgvBTYVK3LFfQybkicYGdosGntY3YnBkRx29kfpr85PT69Vf15GQZWrvzXBovf8c4=
cf-bgj
minify
server
cloudflare
etag
W/"6d86f368fa811fddbfeb7b9ec37f0497"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
698dfe77fe3e42d5-FRA
expires
Mon, 04 Oct 2021 14:15:44 GMT
/
bedrapiona.com/5/3724584/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bedrapiona.com/5/3724584/?oo=1&js_build=2
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7bbdc632c93c78f5dc94e8a3ddeadd1f2acb2efab6b099cbf47504eb17c4cf2b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
8fd00af1ee1b1b9a7408b11d8a022983
pragma
no-cache, no-cache
date
Mon, 04 Oct 2021 11:15:40 GMT
content-encoding
gzip
server
nginx
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://paste.co.id
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174907544-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e6d697c2533dd266c943b504a8f3696c87377d38171c5979df27d3bf5970500c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39002
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Oct 2021 11:15:44 GMT
cookie.js
partner.googleadservices.com/gampad/ 		201 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=paste.co.id&callback=_gfp_s_&client=ca-pub-4712388827405335
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
2d28abba387215286b5428cdadf459db861cece8d44c43e2403ba06e58bbe71c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paste.co.id
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C09B 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1633346144&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633346143956&bpp=4&bdt=709&idt=164&shv=r20210928&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3352552872611&frm=20&pv=2&ga_vid=1396786116.1633346144&ga_sid=1633346144&ga_hid=545764995&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C31062987&oid=2&pvsid=3333470347671981&pem=440&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
683cb9df11c61a975d8587dc40ec50e8516bd18b9b9c500615372581d27e4712
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1633346144&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633346143956&bpp=4&bdt=709&idt=164&shv=r20210928&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3352552872611&frm=20&pv=2&ga_vid=1396786116.1633346144&ga_sid=1633346144&ga_hid=545764995&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750345%2C31062987&oid=2&pvsid=3333470347671981&pem=440&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://paste.co.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 04 Oct 2021 11:15:44 GMT
server
cafe
content-length
4728
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 04-Oct-2021 11:30:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 04 Oct 2021 11:15:44 GMT
cache-control
private
3724582
dozubatan.com/400/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dozubatan.com/400/3724582
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c7f99f1f3057c6c976955105d6a54e7149d2e037fb8d1d8a2df6e6d2043271fd
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
d9d8fdff3bad05ecb6f85b0bb01b8ba7
pragma
no-cache
date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
tag.min.js
pseepsie.com/pfe/current/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ea756ee47cf288fe4ff48e8e72686f24ec239d60cacc70f8f62017a694f8c075

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:40 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 13:22:43 GMT
server
nginx
etag
W/"6155ba23-3bfd"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
1
toglooman.com/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/1?z=3724583
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8b9040bec306000686e911cd81412d1b7cb4e8268c057351f55d01215ca7ff79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
gzip
x-sc
-ZJc0mYSh93RlmzUj9BmtLTlefjT58dbEI4Ulinw-pSAiP7dkUwFtIfaD6jptnAfmPbZESo-4jXIBCvoKtpWzz-yuvo=
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Mon, 26 Jul 1997 05:00:00 GMT
fac.php
onmarshtompor.com/ Frame BBBC 		203 B
833 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onmarshtompor.com/fac.php?OAID=412528682df644ae98cbd2b03e73620c&oaidts=1633346144
Requested by
Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
df0d0e06b89b812c5e64d53884b1092af8ad99e98b4b36eb9d5f3868b51aa978
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
onmarshtompor.com
:scheme
https
:path
/fac.php?OAID=412528682df644ae98cbd2b03e73620c&oaidts=1633346144
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://paste.co.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/

Response headers

server
nginx
date
Mon, 04 Oct 2021 11:15:44 GMT
content-type
text/html; charset=utf8
content-length
203
x-trace-id
55d3f1f39ced47fbef83be0b1ae8aeb2
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age
86400
pragma
no-cache
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
expires
Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin
* *
set-cookie
OAID=412528682df644ae98cbd2b03e73620c; expires=Tue, 04 Oct 2022 11:15:44 GMT; path=/; secure; SameSite=None oaidts=1633346144; expires=Tue, 04 Oct 2022 11:15:44 GMT; path=/; secure; SameSite=None
strict-transport-security
max-age=1
x-content-type-options
nosniff
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1727
date
Mon, 04 Oct 2021 10:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 04 Oct 2021 12:46:57 GMT
custom
seeptoag.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://seeptoag.net/custom
Protocol
H2
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://paste.co.id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 04 Oct 2021 11:15:44 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
https://paste.co.id
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
custom
seeptoag.net/ 		39 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://seeptoag.net/custom
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://paste.co.id/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
8454f4589dca6f351ee1546d8091d994
date
Mon, 04 Oct 2021 11:15:40 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste.co.id
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
gid.js
my.rtmark.net/ 		65 B
541 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=dfc5489aee9445ffbd6a108b1304d4de&zoneId=3534037&checkDuplicate=true&ymid=&var=
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
67a29b893fd282f0f336c865d0ecab90df56f18863f1e1064de65a0e62dc3a47
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste.co.id
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
382093357de45187a02cbd59d4cfd212
toglooman.com/27/ 		374 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/27/382093357de45187a02cbd59d4cfd212
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=3724583
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
29f919dbc99c1082e74540694026f9542b9a80b78073922fa0a4111377092926
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Oct 2021 04:56:58 GMT
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
cache-control
max-age:290304000, public
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Mon, 03 Nov 2081 04:56:58 GMT
38
toglooman.com/42/ 		0
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/42/38?z=3724583
Requested by
Host: toglooman.com
URL: https://toglooman.com/1?z=3724583
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:43 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
zone
pseepsie.com/ 		667 B
951 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/zone?pub=0&zone_id=4022315&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=
Requested by
Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8b5df479869a066694cf878a5d0752b310571f3a6f283d8d19a03ab9e1f2b673
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
774453a05635b670df15a4c7aa8397e9
date
Mon, 04 Oct 2021 11:15:40 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste.co.id
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
667
universal.min.js
pseepsie.com/pfe/current/ 		101 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pseepsie.com/pfe/current/universal.min.js?v=3.1.325
Requested by
Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
3b71cafee3aa748879b39914c46091d269605071c131adc9ef37309749e8f1fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 13:22:48 GMT
server
nginx
etag
W/"6155ba28-195b8"
content-type
application/javascript
access-control-allow-origin
https://paste.co.id
cache-control
no-cache
access-control-allow-credentials
true
gid.js
my.rtmark.net/ 		65 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
67a29b893fd282f0f336c865d0ecab90df56f18863f1e1064de65a0e62dc3a47
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste.co.id
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
img.gif
my.rtmark.net/ Frame BBBC 		43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=412528682df644ae98cbd2b03e73620c
Requested by
Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=412528682df644ae98cbd2b03e73620c&oaidts=1633346144
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onmarshtompor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=545764995&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&ul=en-us&de=UTF-8&dt=Untitled%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=412503747&gjid=1963416658&cid=1396786116.1633346144&tid=UA-137362802-1&_gid=1151568107.1633346144&_r=1&gtm=2ou9r0&z=1950385620
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paste.co.id/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paste.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=545764995&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&ul=en-us&de=UTF-8&dt=Untitled%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=253596054&gjid=1972880955&cid=1396786116.1633346144&tid=UA-174907544-1&_gid=1151568107.1633346144&_r=1&gtm=2ou9r0&z=1000282638
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paste.co.id/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paste.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
3509488
inpagepush.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://inpagepush.com/500/3509488?excludes=&oaid=dfc5489aee9445ffbd6a108b1304d4de&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Protocol
H2
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://paste.co.id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 04 Oct 2021 11:15:44 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET
access-control-allow-origin
https://paste.co.id
access-control-max-age
300
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=1
x-content-type-options
nosniff
timing-allow-origin
*
3509488
inpagepush.com/500/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://inpagepush.com/500/3509488?excludes=&oaid=dfc5489aee9445ffbd6a108b1304d4de&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
Requested by
Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
92c9e465407abc0fff0234e4bfb7c667799f020377e08be8f494b0f7e1fdba9a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://paste.co.id/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
79acd63514008a17aae4e6643391984c
pragma
no-cache
date
Mon, 04 Oct 2021 11:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://paste.co.id
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*
expires
Wed, 31 Dec 1969 19:00:00 EST
9
toglooman.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0
Protocol
H2
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://paste.co.id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 04 Oct 2021 11:15:44 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://paste.co.id
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate, max-age=0
expires
Mon, 26 Jul 1997 05:00:00 GMT
online.js
static.lalaping.com/ 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.lalaping.com/online.js?ver=2.0.0
Requested by
Host: toglooman.com
URL: https://toglooman.com/27/382093357de45187a02cbd59d4cfd212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Nov 2020 17:10:39 GMT
server
cloudflare
age
860
etag
W/"5fbbed0f-14f3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GGbpyGSptq2Kqpqwkcr00R%2F2sSujwi9UsdeYiFSbLbSoiIxBSCu%2BFTrMVLOqv9NM1XJK2sKjvgSDluVGi%2B6fmyugteud4CPTJCcp8fbGXYm%2FL%2B8G3gLTby35H0PjMr826Cdo5s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
698dfe7acb5a2784-PRG
9
toglooman.com/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0
Requested by
Host: toglooman.com
URL: https://toglooman.com/27/382093357de45187a02cbd59d4cfd212
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b97da5069a00df3012c75cf8295a8290dca9ced906d67f4ba972a5b7c9355bdd

Request headers

Referer
https://paste.co.id/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://paste.co.id
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-137362802-1&cid=1396786116.1633346144&jid=412503747&gjid=1963416658&_gid=1151568107.1633346144&_u=YAhAAUAAAAAAAC~&z=581282206
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paste.co.id/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 04 Oct 2021 11:15:44 GMT
content-type
text/plain
access-control-allow-origin
https://paste.co.id
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
defaultSkin.min.js
seeptoag.net/pfe/current/ 		56 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 13:22:48 GMT
server
nginx
etag
W/"6155ba28-df63"
content-type
application/javascript
access-control-allow-origin
https://paste.co.id
cache-control
no-cache
access-control-allow-credentials
true
truncated
/ Frame C216 		255 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
custom
seeptoag.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://seeptoag.net/custom
Protocol
H2
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://paste.co.id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 04 Oct 2021 11:15:44 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
https://paste.co.id
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
custom
seeptoag.net/ 		39 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://seeptoag.net/custom
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://paste.co.id/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
f12b3805e48e7eda027816e38b273ddf
date
Mon, 04 Oct 2021 11:15:40 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste.co.id
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-137362802-1&cid=1396786116.1633346144&jid=412503747&_u=YAhAAUAAAAAAAC~&z=1732469601
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0738745987824.png
static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/ 		577 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/0738745987824.png
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.188 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 11:15:44 GMT
Last-Modified
Thu, 21 Feb 2019 14:00:06 GMT
Server
nginx
ETag
"5c6eaee6-241"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
577
img.gif
my.rtmark.net/ 		43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=70a07c094841481e9fd6b455a10f1f71
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
11
toglooman.com/ 		0
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://toglooman.com/11?rnd=2914952694&z=3724583&b=5362695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=pGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w==&ruid=fb642dc1-0fc6-45cf-9501-d2cc3e58ca27&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0&ot=81
Requested by
Host: toglooman.com
URL: https://toglooman.com/27/382093357de45187a02cbd59d4cfd212
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/jpeg
access-control-allow-origin
https://paste.co.id
access-control-expose-headers
X-Sc
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
Cookie set /
interst12.com/ Frame B52E 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Requested by
Host: toglooman.com
URL: https://toglooman.com/27/382093357de45187a02cbd59d4cfd212
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.162 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.18
Resource Hash
0255ba8a1ae341593c7a32c0e14b85ea4f1935087d8ed116a3992f0a7f8907c4

Request headers

Host
interst12.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://paste.co.id/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/

Response headers

Server
nginx
Date
Mon, 04 Oct 2021 11:15:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.18
Set-Cookie
reverse=8ZYYYyKeM2JGg26bZKcXSv3FvShWGNqpORMg7TXfRYM; expires=Mon, 04-Oct-2021 12:15:44 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding
gzip
googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5087
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Oct 2021 11:15:44 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5969
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Oct 2021 11:15:44 GMT
googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13504
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Oct 2021 11:15:44 GMT
googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7048
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Oct 2021 11:15:44 GMT
googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3934
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Oct 2021 11:15:44 GMT
/
c.mgid.com/pv/ 		0
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1633346144640362508685&uniqId=0f02c&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&lu=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&sessionId=615ae261-06339&pageView=1&pvid=17c4b0449819dc33ddb&site=414527&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
698dfe7c1f06697f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fv.js
propeller-tracking.com/ Frame B52E 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/fv.js?t=72747&cb=545889850
Requested by
Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://interst12.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-trace-id
4f15e84d5366d4cf4bce8dd7f8c32c4d
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame B52E 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by
Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://interst12.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
br
cf-cache-status
HIT
age
1959
last-modified
Thu, 12 Aug 2021 11:38:21 GMT
server
cloudflare
etag
W/"6115082d-30c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
cf-ray
698dfe7c3abd68eb-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame B52E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by
Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://interst12.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
cf-cache-status
HIT
age
1348
content-length
3429
last-modified
Thu, 12 Aug 2021 11:38:21 GMT
server
cloudflare
etag
"6115082d-d65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
698dfe7c5afd68eb-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
0100657458245.jpeg
interst12.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame B52E 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interst12.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by
Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.162 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 11:15:44 GMT
Last-Modified
Thu, 31 Jan 2019 11:14:34 GMT
Server
nginx
ETag
"5c52d89a-d0e0"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
53472
0933414948049.jpeg
interst12.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame B52E 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interst12.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by
Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.162 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 11:15:44 GMT
Last-Modified
Mon, 26 Mar 2018 13:01:51 GMT
Server
nginx
ETag
"5ab8ef3f-393b"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
14651
0350025199145.jpeg
interst12.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame B52E 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interst12.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by
Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.162 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 11:15:44 GMT
Last-Modified
Tue, 17 Jul 2018 10:46:08 GMT
Server
nginx
ETag
"5b4dc8f0-8b17"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
35607
01289039865190.jpeg
interst12.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame B52E 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://interst12.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by
Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.197.162 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 11:15:44 GMT
Last-Modified
Thu, 31 Jan 2019 11:14:34 GMT
Server
nginx
ETag
"5c52d89a-c502"
Access-Control-Allow-Methods
GET, POST, OPTIONS, HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
50434
player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame B52E 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by
Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://interst12.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
cf-cache-status
HIT
age
3181
content-length
28527
last-modified
Thu, 12 Aug 2021 11:38:21 GMT
server
cloudflare
etag
"6115082d-6f6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
698dfe7c5b0868eb-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
script.js
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame B52E 		1 KB
562 B 		Script
General
Check archive.org
Download Go to
Full URL
https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by
Host: interst12.com
URL: https://interst12.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Ftoglooman.com%2F12%3Frnd%3D3730550036%26z%3D3724583%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Fdeshaici.net%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DpGE_UVNVvdK3-xRxdmNxN4qvTGT9oCbQCZNuFWTX9KLNrjuqUvuCtwPxeqfmb5vhL8sfLlSlvx7ElygISktFL6e8XnUsjnkJ0vn6dvi1JbfMkeDWU1xIIBxratanJZnUxmnqF6VnOzp-LQbzR6wYXtwjW9u9gWTASTU2kwlKDjA6nHR72T8CBJuGdI0fKMvHbyqGpOp8fV68-2EgzulOaaygSygC0GQGxsDqu1iUWtwCT9pA3wITtYtIApgCZhM6bTVaRNXN1Y43V2atE-tcjjZeS8XVZpVMr9fX2w%3D%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3Dfb642dc1-0fc6-45cf-9501-d2cc3e58ca27%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttps%253A%252F%252Fpaste.co.id%252FRtqoVy3Ejo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D4%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://interst12.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
br
cf-cache-status
HIT
age
3170
last-modified
Thu, 12 Aug 2021 11:38:21 GMT
server
cloudflare
etag
W/"6115082d-58b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=14400
cf-ray
698dfe7c5af268eb-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
br
cf-cache-status
HIT
age
3107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
698dfe7c2f44697f-FRA
expires
Tue, 05 Oct 2021 11:15:44 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
br
cf-cache-status
HIT
age
4959
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
698dfe7c2f3f697f-FRA
expires
Tue, 05 Oct 2021 11:15:44 GMT
vctx
propeller-tracking.com/ Frame B52E 		0
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/vctx?t=72747
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=72747&cb=545889850
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://interst12.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id
7423dbe3d55d50c291ac07f50672b91b
pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://interst12.com
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
vbl
propeller-tracking.com/ Frame B52E 		0
491 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://propeller-tracking.com/vbl?t=72747&bid=undefined&aid=undefined
Requested by
Host: propeller-tracking.com
URL: https://propeller-tracking.com/fv.js?t=72747&cb=545889850
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.240 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://interst12.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-trace-id
03df9ba682c9d55acef3497bf4538434
pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://interst12.com
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
27b4d85d3016db92789e051bb3ea9ff8f76a8e7edc555f279138e2903205384c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51131
x-xss-protection
0
server
cafe
etag
15443021075126367024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Oct 2021 11:15:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
1613bb1ade5a89b973e72288cbc3883fce3657e7257c528822956fb643ededd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8625
x-xss-protection
0
custom
seeptoag.net/ 		39 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://seeptoag.net/custom
Requested by
Host: paste.co.id
URL: https://paste.co.id/RtqoVy3Ejo
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://paste.co.id/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
083f11a2d449bb339716941e97196bdb
date
Mon, 04 Oct 2021 11:15:40 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=1
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paste.co.id
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
custom
seeptoag.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://seeptoag.net/custom
Protocol
H2
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://paste.co.id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 04 Oct 2021 11:15:44 GMT
content-type
text/plain; charset=utf-8
content-length
0
access-control-allow-origin
https://paste.co.id
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age
86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 04 Oct 2021 11:15:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EF1A 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://paste.co.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Mon, 04 Oct 2021 10:57:00 GMT
expires
Tue, 04 Oct 2022 10:57:00 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1124
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 605C 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
GSE /
Resource Hash
0cd18f89b26f49f6ba4a8194ecfd367f08a9cae24d28bf2f02a004476fbaad90
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vlmTfvV+ntA3qBfzH8yHSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://paste.co.id/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 04 Oct 2021 11:15:44 GMT
date
Mon, 04 Oct 2021 11:15:44 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vlmTfvV+ntA3qBfzH8yHSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1
servicer.mgid.com/997452/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/997452/1?pv=5&cbuster=163334614491637088342&uniqId=0f02c&niet=4g&nisd=false&jsv=es6&w=840&h=235&p3_w=201&p3_h=189&maxw_3=201&maxh_3=189&cols=4&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&lu=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&sessionId=615ae261-06339&pageView=1&pvid=17c4b0449819dc33ddb&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0ec9dbfde0bd4317e84b614fc44ef5332a27d3363b38ab3b2f02ff484a33c85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
698dfe7dcb60697f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/997452/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/997452/1?w=840&h=235&p3_w=201&p3_h=189&maxw_3=201&maxh_3=189&cols=4&pv=5&cbuster=1633346144924648817316&uniqId=17e27&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&lu=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&sessionId=615ae261-06339&pageView=0&pvid=17c4b0449819dc33ddb&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc457bbe2bd64e3c254e032d1e8252668c4166431764d9a2f3ecfe8a47f3a82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
698dfe7dcb5f697f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/997452/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/997452/1?w=255&h=398&p3_w=90&p3_h=166&maxw_3=90&maxh_3=166&cols=2&pv=5&cbuster=1633346144932311426121&uniqId=0c6aa&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&lu=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&sessionId=615ae261-06339&pageView=0&pvid=17c4b0449819dc33ddb&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb3c474761f5ee03af19f834e558d791e4909ef08fffa3e913ea26a3b1424b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
698dfe7ddb85697f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sodar
pagead2.googlesyndication.com/pagead/ Frame 605C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210928&jk=3333470347671981&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame EF1A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 06:27:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
17292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Tue, 04 Oct 2022 06:27:32 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
content-encoding
br
cf-cache-status
HIT
age
3108
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
698dfe7eae5842d5-FRA
expires
Tue, 05 Oct 2021 11:15:45 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
content-encoding
br
cf-cache-status
HIT
age
4960
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
698dfe7eae5942d5-FRA
expires
Tue, 05 Oct 2021 11:15:45 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MzMzMTcxMTM3OWRlNDQzYjNjY2JmYjEyMDJkZTI3LmpwZWc.webp
s-img.mgid.com/g/3948452/492x328/45x0x960x640/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3948452/492x328/45x0x960x640/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MzMzMTcxMTM3OWRlNDQzYjNjY2JmYjEyMDJkZTI3LmpwZWc.webp?v=1633346144-lHDrIMiqosLH-RrwBGuYraYcHLHGpXebjOPsUBPuYtY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1077b52bcaa0221b6f9fb17bf019d9d2fbd3a2604179af74711f12b7618e14d7

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 14:22:54 GMT
x-mg-request-uuid
5beb24c6-6068-49a7-a0ed-a4c27bb553cc
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ed91c05b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8434
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzA3MDIwZGU0ZThmNmYzOGE1MDA3MjM2MjZkZjdkMDFjLmpwZWc.webp
s-img.mgid.com/g/3908681/492x328/0x0x894x596/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3908681/492x328/0x0x894x596/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzA3MDIwZGU0ZThmNmYzOGE1MDA3MjM2MjZkZjdkMDFjLmpwZWc.webp?v=1633346144-Tf1fDGDMAOpHkGvuQVyksDEEPaU8U-BC6dbRzm0s8Es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
775838d75f44eb048309c2c27a38e021190d00652a2c3bf995082babbd24c08f

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:21 GMT
x-mg-request-uuid
15e301df-649f-4663-b589-47bc926f961d
age
78131
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ed92205b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15322
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC9jMDkzNDk4ZjdhNTlkYWU0N...
s-img.mgid.com/g/10839620/492x328/-/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839620/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC9jMDkzNDk4ZjdhNTlkYWU0NjAxYWJmMGUzODczMDU2ZC5wbmc.webp?v=1633346144-CKO72aGBkcT4LFq7yh5X8YlJjIb2lWkrBxsO_9ifRG4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b623d8c79ad63ceaeadf67f9e9661c04ce926319187c2f1c7beeebbc177999

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 16:27:35 GMT
x-mg-request-uuid
23a5651c-cbb7-4f7b-a7a1-f21093bdaa6a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ed91b05b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9826
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NTcseV8zOTEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0LzhhOWQ5Y...
s-img.mgid.com/g/10839617/492x328/-/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839617/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NTcseV8zOTEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0LzhhOWQ5Y2Y0MjFhNDhlN2M1YjdjMDkwYzRmZjBkZmViLmpwZWc.webp?v=1633346144-vvaRj8wFdnI3mjxX8frIkeb66wHpGNlNu8CNqICES2Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e80844ba59f2c00b3e415fdfce9f67ee902bf36c9286e4ab88f2a3d92083794

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:28:55 GMT
x-mg-request-uuid
34042e86-c9b8-4420-837f-1dc6406246e4
age
149004
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ed92305b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12678
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC85YzNiMmU2NzAyMTcyNzY1M...
s-img.mgid.com/g/10839623/492x328/-/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839623/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC85YzNiMmU2NzAyMTcyNzY1MzU4OThmZjQ4MmY5OTg2MS5qcGVn.webp?v=1633346144-_Ej3OKUTSO5AbZ3zK5dInACeo5VHle-o2_uSuZY6O8I
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0f6ff9dbdebf16fd835c4069d83b858784ad4387ef047e7a3bcf55c377febe

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:27:42 GMT
x-mg-request-uuid
b499f2f4-8d27-4d41-a68d-521a0258dc21
age
230997
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ec91605b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8882
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5ZmM0ODI1Y2RlZmFlOTFmMTFjZWRlZWQzY2YwMmY1LmpwZWc.webp
s-img.mgid.com/g/6946118/492x328/0x59x1024x682/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/6946118/492x328/0x59x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5ZmM0ODI1Y2RlZmFlOTFmMTFjZWRlZWQzY2YwMmY1LmpwZWc.webp?v=1633346144-yeAe5KAaedwzUndS2zrvs7XYZ2u9odN2tp4rRUWpeDc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8803d6940ec3a25566da88341f5772793b638ae3b2e22e5b44c71e43f20e3581

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:11 GMT
x-mg-request-uuid
b51b59eb-88be-4bae-90cb-b5cb02cb724c
age
21138
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ec91705b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20606
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzM5ZGMzY2I3MjBmYzRlYmVkZmUxNGE5MTc0N2UzNzIyLmpwZz90PTE0OTgxMjc5OTQyMTU.webp
s-img.mgid.com/g/3805578/492x328/0x150x1060x706/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805578/492x328/0x150x1060x706/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzM5ZGMzY2I3MjBmYzRlYmVkZmUxNGE5MTc0N2UzNzIyLmpwZz90PTE0OTgxMjc5OTQyMTU.webp?v=1633346144-YVXaf-grI85GpCTCRtAQP9UMP18cr3kREjUI3SNWdXw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ac352419a63196a38f3166eb90fc965e96e2338c3b7d1570bbf54b596c307b1

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:31 GMT
x-mg-request-uuid
64be88b8-3018-4f49-9531-aeee082f30c3
age
245612
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ec91005b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13436
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzAzODgxNTEzNDRjZTFjZDM4MDllMDg4NDkwODA5MGRkLmpwZWc.webp
s-img.mgid.com/g/4001407/492x328/0x0x899x599/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4001407/492x328/0x0x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzAzODgxNTEzNDRjZTFjZDM4MDllMDg4NDkwODA5MGRkLmpwZWc.webp?v=1633346144-7gODQzDmXBiK6QyhDqMbGH4mauC6lU7SMp84yVMxYqw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea956872aba11ad0988da83e59d62b3a8f25e07fcaad2dc9a4a6b82753515a2e

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 14:24:08 GMT
x-mg-request-uuid
0c92be4f-c4df-41c3-9fdb-93129910119c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ec90c05b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43118
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNjcseV8xNTkvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0L2E0MDVmM...
s-img.mgid.com/g/10839594/492x328/-/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839594/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNjcseV8xNTkvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0L2E0MDVmMTEzNjA5NjEyNGY0NGE3MjczZTQwN2ZkZjcxLmpwZWc.webp?v=1633346144-2-JxLyfDQJCnEU0HYrrKieNyW9LPKi6evmV9bxLOnc8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bf5b63cb6813d7469b5e3404170149408167aa96d124b935a01c42d99110d8f

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 16:30:09 GMT
x-mg-request-uuid
a3f140cd-054a-4526-b8bf-18b32a9ba15d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ec91205b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25876
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp
s-img.mgid.com/g/3805584/492x328/0x164x2046x1364/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805584/492x328/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp?v=1633346144-w5b65WtW83nlHUdfhAyyOHwgdaePu1oVDcaKPzYxOAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4558632b17eb8388ef7aa11f2e80fe788e9334670e4e01802d759758f0c0da65

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 14:24:26 GMT
x-mg-request-uuid
1ae6ceb6-d349-4e2e-95ed-b071d0a5e4cc
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ec90d05b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8432
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp
s-img.mgid.com/g/3887987/492x328/0x0x1200x800/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3887987/492x328/0x0x1200x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1633346144-4M957Q-upRzZaCYxMYJYH4RjvTiDwXpzyE6qDRIsQO0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4fe58233b68ddf459893ccc5a0d938a4e60ad7f90dbff756f3b69704e8e47c

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
MISS
last-modified
Wed, 29 Sep 2021 15:00:13 GMT
x-mg-request-uuid
86eb6461-7df9-40db-aa3a-00ee568b5a0a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ec91405b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10306
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC84YWU1YjgzMWI2Y2MxOTE0O...
s-img.mgid.com/g/10839581/492x328/-/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839581/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC84YWU1YjgzMWI2Y2MxOTE0OTBhYjBlNDk3MWFiODU2My5qcGVn.webp?v=1633346144-6pDtEJXVxZyOlCoUwpZ28EsRc_ebtBN0ZkbVTNj1nas
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c049f42b0135ba00ec853380fa310c29b5b7bdfce210c0f80c3dfeb45365f712

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:27:58 GMT
x-mg-request-uuid
0b41188f-e16b-427a-9f4a-2927a35374d5
age
212502
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7ec90e05b3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12650
server
cloudflare
perf.gif
perf.cdnads.com/ 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.cdnads.com/perf.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.156.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 11:15:45 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=86400
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Tue, 05 Oct 2021 11:15:45 GMT
i.js
cm.mgid.com/ 		2 KB
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1633346145176356924818
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35621b35e7573447ad731366b95cc1d90470ddeaeb08961dfc894f3b2facc013

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
698dfe7f6f4a697f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210928&jk=3333470347671981&bg=!9Pel97PNAAZE-GIIRPg7ACkAdvg8Wp8Ypf_dFSxGaVZs7bMRR1AqqNRp33wnKlXRaXUdsH2OE5JttwIAAACtUgAAAA1oAQeZAsqt857j78JX_XQJWr71c8eCQhh3OtCXoY9JQZUm9QwZt5JKxEJM6rPH3rx5fYZ355EIjTOExJkeq9JZiKiiTeIfuC6q8IHJE4paHY_tqbcpr-QG9-ha5Eyoe-XSneBJZYNzwyljUye9f8XDmJ5eQtexIAmQShBHulbMupyil9k9fl3sRyaQFjC2r3zXlTMPbs6TKhl3ddCe24nKULq6HLlAupKkM5Ekm5DJVKCKINogXza-msy1Yov_JCjnlYtfihmiRDAFNUgKsF9yFmggnmhRr67Eo_AUiMOzkBc6ea8LTpND4k7NV--JSoIRBRuom-UiIsa1NTFPYJEMZqbv7VzDwjVxM-nZfiLDhmZH9VQ92JbyVclODB7MQhxxXXp1RNMPCltJWsYV_t1lKg5tzfv61O3PR_CrJk0X5G6HachcFlztjyq_7QqHHPPzzasRyytY-OSDP1a2-KoGKYRg53IAgNde3ZrCiTKpIbV9D1B6WO8rGJ0lFQGB-oWmDEuXT5tyEi1w7ZCJLmvhR26PpkBWAqPrnv0ckswaNk5MCH_9noB4iDVsljxh-hEIa8M7Z6DrYF2xiiZ3kY7dONyBrN7bndYBmS33tXQUmPOQnHx9V0xIWTos2-bQVxRR7uMIgRO_zqr4i78f2Ji_78_M79RnQk7Gp_w_mLg5APS6fSRruDC353yMnwyld-A3Cd4l_HGUozf7Jy-xBBz6BPb4dWHtRau14UNZp6R1xVniV1sw-R078wCILeVP49mOZwO0gGLuYFu_vV1mgh_tSSMFQNhWLpE9QrZUWNlqKHWsSmxRETmCUjHlHaXhZK5CX45tLjMkD8JElmMmD4s_dVKP43Wi2_t9tAEEJ8b8CbZhpQIikoo0Z3LljYThBj2TD6RRY1tCbcfQSWmNTX0oXhUiVz2gImoZapIadpMs9UUfq6R4MXdsKBLsF-2cPOw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
i-noref.js
cm.mgid.com/ Frame E77B 		19 B
135 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1633346145194804290480
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
698dfe7f7f80697f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 02:05:32 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
33031
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
mXr6I81helvR0IeA8CJqXY4sbggq_AdJaefI9XiaG00jb6sh5B7BDg==
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MzMzMTcxMTM3OWRlNDQzYjNjY2JmYjEyMDJkZTI3LmpwZWc.webp
s-img.mgid.com/g/3948452/492x328/45x0x960x640/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3948452/492x328/45x0x960x640/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MzMzMTcxMTM3OWRlNDQzYjNjY2JmYjEyMDJkZTI3LmpwZWc.webp?v=1633346144-lHDrIMiqosLH-RrwBGuYraYcHLHGpXebjOPsUBPuYtY
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1077b52bcaa0221b6f9fb17bf019d9d2fbd3a2604179af74711f12b7618e14d7

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:22:54 GMT
x-mg-request-uuid
5beb24c6-6068-49a7-a0ed-a4c27bb553cc
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fcea55c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8434
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzA3MDIwZGU0ZThmNmYzOGE1MDA3MjM2MjZkZjdkMDFjLmpwZWc.webp
s-img.mgid.com/g/3908681/492x328/0x0x894x596/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3908681/492x328/0x0x894x596/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzA3MDIwZGU0ZThmNmYzOGE1MDA3MjM2MjZkZjdkMDFjLmpwZWc.webp?v=1633346144-Tf1fDGDMAOpHkGvuQVyksDEEPaU8U-BC6dbRzm0s8Es
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
775838d75f44eb048309c2c27a38e021190d00652a2c3bf995082babbd24c08f

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:21 GMT
x-mg-request-uuid
15e301df-649f-4663-b589-47bc926f961d
age
78131
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fcea15c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15322
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC9jMDkzNDk4ZjdhNTlkYWU0N...
s-img.mgid.com/g/10839620/492x328/-/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839620/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA4LzEwMTkyNC9jMDkzNDk4ZjdhNTlkYWU0NjAxYWJmMGUzODczMDU2ZC5wbmc.webp?v=1633346144-CKO72aGBkcT4LFq7yh5X8YlJjIb2lWkrBxsO_9ifRG4
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90b623d8c79ad63ceaeadf67f9e9661c04ce926319187c2f1c7beeebbc177999

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:27:35 GMT
x-mg-request-uuid
23a5651c-cbb7-4f7b-a7a1-f21093bdaa6a
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fce9c5c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9826
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NTcseV8zOTEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0LzhhOWQ5Y...
s-img.mgid.com/g/10839617/492x328/-/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839617/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NTcseV8zOTEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDkvMTAxOTI0LzhhOWQ5Y2Y0MjFhNDhlN2M1YjdjMDkwYzRmZjBkZmViLmpwZWc.webp?v=1633346144-vvaRj8wFdnI3mjxX8frIkeb66wHpGNlNu8CNqICES2Y
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e80844ba59f2c00b3e415fdfce9f67ee902bf36c9286e4ab88f2a3d92083794

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:28:55 GMT
x-mg-request-uuid
34042e86-c9b8-4420-837f-1dc6406246e4
age
149004
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fcea75c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12678
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC85YzNiMmU2NzAyMTcyNzY1M...
s-img.mgid.com/g/10839623/492x328/-/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839623/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC85YzNiMmU2NzAyMTcyNzY1MzU4OThmZjQ4MmY5OTg2MS5qcGVn.webp?v=1633346144-_Ej3OKUTSO5AbZ3zK5dInACeo5VHle-o2_uSuZY6O8I
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0f6ff9dbdebf16fd835c4069d83b858784ad4387ef047e7a3bcf55c377febe

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:27:42 GMT
x-mg-request-uuid
b499f2f4-8d27-4d41-a68d-521a0258dc21
age
230997
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fce955c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8882
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5ZmM0ODI1Y2RlZmFlOTFmMTFjZWRlZWQzY2YwMmY1LmpwZWc.webp
s-img.mgid.com/g/6946118/492x328/0x59x1024x682/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/6946118/492x328/0x59x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5ZmM0ODI1Y2RlZmFlOTFmMTFjZWRlZWQzY2YwMmY1LmpwZWc.webp?v=1633346144-yeAe5KAaedwzUndS2zrvs7XYZ2u9odN2tp4rRUWpeDc
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8803d6940ec3a25566da88341f5772793b638ae3b2e22e5b44c71e43f20e3581

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:11 GMT
x-mg-request-uuid
b51b59eb-88be-4bae-90cb-b5cb02cb724c
age
21138
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fce995c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20606
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzM5ZGMzY2I3MjBmYzRlYmVkZmUxNGE5MTc0N2UzNzIyLmpwZz90PTE0OTgxMjc5OTQyMTU.webp
s-img.mgid.com/g/3805578/492x328/0x150x1060x706/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805578/492x328/0x150x1060x706/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzM5ZGMzY2I3MjBmYzRlYmVkZmUxNGE5MTc0N2UzNzIyLmpwZz90PTE0OTgxMjc5OTQyMTU.webp?v=1633346144-YVXaf-grI85GpCTCRtAQP9UMP18cr3kREjUI3SNWdXw
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ac352419a63196a38f3166eb90fc965e96e2338c3b7d1570bbf54b596c307b1

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:23:31 GMT
x-mg-request-uuid
64be88b8-3018-4f49-9531-aeee082f30c3
age
245612
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fceaa5c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13436
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzAzODgxNTEzNDRjZTFjZDM4MDllMDg4NDkwODA5MGRkLmpwZWc.webp
s-img.mgid.com/g/4001407/492x328/0x0x899x599/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/4001407/492x328/0x0x899x599/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzAzODgxNTEzNDRjZTFjZDM4MDllMDg4NDkwODA5MGRkLmpwZWc.webp?v=1633346144-7gODQzDmXBiK6QyhDqMbGH4mauC6lU7SMp84yVMxYqw
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea956872aba11ad0988da83e59d62b3a8f25e07fcaad2dc9a4a6b82753515a2e

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:08 GMT
x-mg-request-uuid
0c92be4f-c4df-41c3-9fdb-93129910119c
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fceac5c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43118
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNjcseV8xNTkvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0L2E0MDVmM...
s-img.mgid.com/g/10839594/492x328/-/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839594/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNjcseV8xNTkvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMDgvMTAxOTI0L2E0MDVmMTEzNjA5NjEyNGY0NGE3MjczZTQwN2ZkZjcxLmpwZWc.webp?v=1633346144-2-JxLyfDQJCnEU0HYrrKieNyW9LPKi6evmV9bxLOnc8
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bf5b63cb6813d7469b5e3404170149408167aa96d124b935a01c42d99110d8f

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:30:09 GMT
x-mg-request-uuid
a3f140cd-054a-4526-b8bf-18b32a9ba15d
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fceae5c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25876
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp
s-img.mgid.com/g/3805584/492x328/0x164x2046x1364/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3805584/492x328/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU.webp?v=1633346144-w5b65WtW83nlHUdfhAyyOHwgdaePu1oVDcaKPzYxOAA
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4558632b17eb8388ef7aa11f2e80fe788e9334670e4e01802d759758f0c0da65

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 14:24:26 GMT
x-mg-request-uuid
1ae6ceb6-d349-4e2e-95ed-b071d0a5e4cc
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fceb05c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8432
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp
s-img.mgid.com/g/3887987/492x328/0x0x1200x800/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/3887987/492x328/0x0x1200x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1633346144-4M957Q-upRzZaCYxMYJYH4RjvTiDwXpzyE6qDRIsQO0
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4fe58233b68ddf459893ccc5a0d938a4e60ad7f90dbff756f3b69704e8e47c

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Wed, 29 Sep 2021 15:00:13 GMT
x-mg-request-uuid
86eb6461-7df9-40db-aa3a-00ee568b5a0a
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fceb35c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10306
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC84YWU1YjgzMWI2Y2MxOTE0O...
s-img.mgid.com/g/10839581/492x328/-/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/10839581/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA3LzEwMTkyNC84YWU1YjgzMWI2Y2MxOTE0OTBhYjBlNDk3MWFiODU2My5qcGVn.webp?v=1633346144-6pDtEJXVxZyOlCoUwpZ28EsRc_ebtBN0ZkbVTNj1nas
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c049f42b0135ba00ec853380fa310c29b5b7bdfce210c0f80c3dfeb45365f712

Request headers

Referer
https://paste.co.id/
Origin
https://paste.co.id
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 16:27:58 GMT
x-mg-request-uuid
0b41188f-e16b-427a-9f4a-2927a35374d5
age
212502
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
698dfe7fceb45c62-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12650
server
cloudflare
sync.html
s.adtelligent.com/ Frame C86E 		1 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1633346145176356924818
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.36 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
cc86365-05.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://paste.co.id/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/

Response headers

Server
VertaMedia 1.0
Date
Mon, 04 Oct 2021 11:15:43 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://paste.co.id
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame AC79
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1633346145176356924818
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://paste.co.id/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Oct 2021 11:15:45 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Mon, 04 Oct 2021 11:15:45 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=vILCnOO8FkDyByRDnGZj&pi=mgid&tc=1
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=vILCnOO8FkDyByRDnGZj&pi=mgid&tc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
698dfe8039cf42d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=vILCnOO8FkDyByRDnGZj&pi=mgid&tc=1
pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT, Mon, 04 Oct 2021 11:15:45 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l94IJsWh7lf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
698dfe800e811456-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=43907ff8-2ccd-489b-b0ff-5bf657ff135c
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=43907ff8-2ccd-489b-b0ff-5bf657ff135c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
698dfe83fb5242d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=43907ff8-2ccd-489b-b0ff-5bf657ff135c
date
Mon, 04 Oct 2021 11:15:45 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDk0SUpzV2g3bGY0&muidn=l94IJsWh7lf4
  • https://cm.mgid.com/google?muidn=l94IJsWh7lf4&google_ula={guid},5&google_gid=CAESEOnZhFu5zs61xjQdtXsz8PI&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l94IJsWh7lf4&google_ula={guid},5&google_gid=CAESEOnZhFu5zs61xjQdtXsz8PI&google_cver=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
698dfe80197442d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l94IJsWh7lf4&google_ula={guid},5&google_gid=CAESEOnZhFu5zs61xjQdtXsz8PI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=682H0CUJBRjCXTMwoTAMXlxj&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=a4b8569b-e946-41bc-aa84-667f96ed1ccc&gdpr=&gdpr_consent=&us_privacy=
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=a4b8569b-e946-41bc-aa84-667f96ed1ccc&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
698dfe80eba742d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=a4b8569b-e946-41bc-aa84-667f96ed1ccc&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 04 Oct 2021 11:15:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l94IJsWh7lf4
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 04 Oct 2021 11:15:45 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
sync.gif
dispatcher.adxcore.com/a/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l94IJsWh7lf4
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l94IJsWh7lf4
  • https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=a4b8569b-e946-41bc-aa84-667f96ed1ccc
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=a4b8569b-e946-41bc-aa84-667f96ed1ccc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.135.96.59 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
cache-control
private
server
Apache

Redirect headers

location
//dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=a4b8569b-e946-41bc-aa84-667f96ed1ccc
date
Mon, 04 Oct 2021 11:15:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=efffffe0-07b1-4074-bdbc-e42b161a659f&ttl=1635938145
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=efffffe0-07b1-4074-bdbc-e42b161a659f&ttl=1635938145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
698dfe811c4d42d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=efffffe0-07b1-4074-bdbc-e42b161a659f&ttl=1635938145
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l94IJsWh7lf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
698dfe800d554e55-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1633346145252&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1633346145252&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9=
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1633346145252&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
y82k05uX_xM-v7WSl7geKUqyRKI_7eEpPipq-kbRYIr7aE3r-M7QBw==

Redirect headers

date
Mon, 04 Oct 2021 11:15:45 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1633346145252&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9=
content-length
195
x-amz-cf-id
dXMtHUiWvjUGxPL4poIXSBsHfYBUdwjTBgo8a9H09HQiTGX9uD1Fzw==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1633346145253&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9=
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1633346145253&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9=
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1633346145253&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-87.fra50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:15:45 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
D1BJrdApBXwC6ZNbwFRshc3wRH0mAF6OQMT0Q4StSyeF5jolQIj-Jw==

Redirect headers

date
Mon, 04 Oct 2021 11:15:45 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1633346145253&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo&c9=
content-length
195
x-amz-cf-id
bWlHuR3zM6CqMLQwcN8nXgHcPd5tpgHE7bIfDss2JXgIEpY-cwCE5A==
usync.js
eus.rubiconproject.com/ Frame AC79 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 04 Oct 2021 11:15:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=17018
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Mon, 04 Oct 2021 15:59:23 GMT
khaos.jpg
token.rubiconproject.com/ Frame AC79 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/jpg
add
o.wowreality.info/api/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://o.wowreality.info/api/log/add
Protocol
HTTP/1.1
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://paste.co.id
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Mon, 04 Oct 2021 11:15:45 GMT
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://paste.co.id
add
o.wowreality.info/api/log/ 		0
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.wowreality.info/api/log/add
Requested by
Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paste.co.id/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/json

Response headers

Date
Mon, 04 Oct 2021 11:15:45 GMT
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://paste.co.id
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length
0
m
cm.mgid.com/ Frame C86E
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
  • https://cm.mgid.com/m?cdsp=617666&c=92355d3b9c26d420
43 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=617666&c=92355d3b9c26d420
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
698dfe86091842d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
https://cm.mgid.com/m?cdsp=617666&c=92355d3b9c26d420
Date
Mon, 04 Oct 2021 11:15:45 GMT
Server
VertaMedia 1.0
Etag
92355d3b9c26d420
Content-Length
0
c
c.mgid.com/ 		43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=90|193|24|6CqQW9mzeJ40DNXnpmDGf6gIMG1VPRCJoeAH8QQWfBk3Hd9c5Qlfyyh2Qp7jhGvs&fw=1&extjs=66044&v=90|193|24|6CqQW9mzeJ40DNXnpmDGf9cHx2oD3jRdNoVF27yyy44TwBpguk3MayS2swuMgtIw&cid=997452&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=6b29cc06-2504-11ec-ace9-d094662c1c35&tt=Direct&iv=11&pageImp=1&pvid=17c4b0449819dc33ddb&muid=l94IJsWh7lf4&cbuster=163334614634320738790&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:46 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
d5887eef-1826-4d6a-b043-00f6cd984c83
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
698dfe86aa7e42d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
c
c.mgid.com/ 		43 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?pv=3&v=202|216|8|6CqQW9mzeJ40DNXnpmDGfxUrr-8LFPzLtvtlRA_2JJsFyOB9Zt2cAx4tKRu3JY0n&fw=1&extjs=66044&v=202|216|8|6CqQW9mzeJ40DNXnpmDGfz3BFEvNYsKZ7-0IXNhB3UxFOOYDarHFpp2tzddDlVOk&v=202|216|8|6CqQW9mzeJ40DNXnpmDGfxM9MLpM1j23UtedqdT5BMc4Lyuqn8n56VCT_4GQjoZx&v=202|216|40|6CqQW9mzeJ40DNXnpmDGfw04LJLDSnkRy0C-B1KN3H7K-52ZjJw1qm1HP_N5y0lu&cid=997452&h2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&rid=6b28a22e-2504-11ec-aab1-2cea7f875b01&tt=Direct&iv=11&pageImp=0&pvid=17c4b0449819dc33ddb&muid=l94IJsWh7lf4&cbuster=1633346146344129663577&tpl=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://paste.co.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Oct 2021 11:15:46 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
1e5f5ab9-2e62-46ae-9234-e0d7d012728d
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
698dfe86aa7f42d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect boolean| originAgentCluster object| adsbygoogle function| gtag object| dataLayer string| k object| _t82bw6mefbr object| dq2gmcp8btf object| zfgformats function| setImmediate function| clearImmediate function| _josuo function| _oxqvys function| downloadJSAtOnload number| max_content_size_kb number| paste_editor_height string| ad_block_message boolean| isAdBlockActive function| $ function| jQuery object| bootstrap function| WOW undefined| _this function| Color function| Chart object| Waves function| printDiv function| copyToClip function| handleFileSelect string| content string| txt_copied string| txt_copy object| _self object| Prism object| _django_template object| httpLanguages string| contentType object| options object| typescript object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| webpushlogs function| onClickTrigger boolean| zfgloadedpopup string| google_user_agent_client_hint object| google_tag_manager function| ClipboardJS object| sdk object| _mgIntExchangeNews object| MarketGidInfC997452 function| MarketGidCContextBlock997452 function| MarketGidCMainBlock997452 function| MarketGidCInternalExchangeBlock997452 function| MarketGidCColorBlock997452 function| MarketGidCRejectBlock997452 function| MarketGidCCriteoBlock997452 function| MarketGidCInternalExchangeLoggerBlock997452 function| MarketGidCObserverBlock997452 function| MarketGidCSendDimensionsBlock997452 function| MarketGidCAntifraudStatisticsBlock997452 function| MarketGidCRtbBlock997452 function| MarketGidCIframeSizeChangerBlock997452 function| MarketGidCContentPreviewBlock997452 function| MarketGidCGradientBlock997452 function| MarketGidCResponsiveBlock997452 boolean| mg_loaded_414527_997452 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode boolean| zfgloadednative boolean| _retranberw object| gaplugins object| gaData object| regeneratorRuntime function| _retranber number| wm string| oaid object| onClickExcludes object| _nps object| _0x2efe function| _0x2200 function| mgReject997452 function| mgLoadAds997452_0f02c function| MarketGidCReject997452 function| MarketGidLoadGoods997452_0f02c function| mgLoadAds997452_17e27 function| MarketGidLoadGoods997452_17e27 function| mgLoadAds997452_0c6aa function| MarketGidLoadGoods997452_0c6aa object| _mgq function| _mgqp number| _mgqt number| _mgqi boolean| MarketGidCSvsdsFlag string| _mgCanonicalUri boolean| _mgPageViewEndPoint414527 string| _mgPvid object| GoogleGcLKhOms boolean| _mgPageView414527 function| LoadCriteoAllPlaces997452_0f02c function| LoadCriteoAllPlaces997452_17e27 function| LoadCriteoAllPlaces997452_0c6aa boolean| i.js.loaded boolean| i-noref.js.loaded object| google_image_requests object| _comscore function| udm_ object| ns_p object| COMSCORE object| _mgwcapping boolean| _mgPageImp414527

44 Cookies

Domain/Path Name / Value
toglooman.com/42 Name: OAID
Value: 70a07c094841481e9fd6b455a10f1f71
toglooman.com/42 Name: oaidts
Value: 1633346144
.adxcore.com/a Name: advst_uid_11
Value: a4b8569b-e946-41bc-aa84-667f96ed1ccc
.mgid.com/ Name: __cf_bm
Value: sHUe_dkoqE965gUXDzVjQ51RtDkovb1k1vErG8pmrvU-1633346143-0-AdaYPTawIrHGu6T1LaM979tVHFMbnNfdFamHSymR275RYk7preeQMHIhxKkpB9uXceoHpqNhy7ZgvqZcyV5GNY0=
bedrapiona.com/ Name: OAID
Value: 412528682df644ae98cbd2b03e73620c
bedrapiona.com/ Name: oaidts
Value: 1633346144
toglooman.com/ Name: scm
Value: 1
toglooman.com/ Name: OAID
Value: 70a07c094841481e9fd6b455a10f1f71
toglooman.com/ Name: oaidts
Value: 1633346144
.paste.co.id/ Name: __gads
Value: ID=4a4ae769a1052590-221e7839e5ca00e0:T=1633346144:RT=1633346144:S=ALNI_MaWokZ3aHVS2VDVM4V4LKjQDXF5vA
onmarshtompor.com/ Name: OAID
Value: 412528682df644ae98cbd2b03e73620c
onmarshtompor.com/ Name: oaidts
Value: 1633346144
dozubatan.com/ Name: OAID
Value: 3820c1b0d51d436ea6b5cf716e03cc79
my.rtmark.net/ Name: ID
Value: dfc5489aee9445ffbd6a108b1304d4de
.paste.co.id/ Name: _ga
Value: GA1.3.1396786116.1633346144
.paste.co.id/ Name: _gid
Value: GA1.3.1151568107.1633346144
.paste.co.id/ Name: _gat_gtag_UA_137362802_1
Value: 1
.paste.co.id/ Name: _gat_gtag_UA_174907544_1
Value: 1
inpagepush.com/ Name: OAID
Value: dfc5489aee9445ffbd6a108b1304d4de
.mgid.com/ Name: muidn
Value: l94IJsWh7lf4
servicer.mgid.com/ Name: __mglb
Value: cbeb893f26be92ee4d57b414fbc5f82c
paste.co.id/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C997452%22%3A%7B%22page%22%3A1%2C%22time%22%3A1633346145067%7D%7D
.scorecardresearch.com/ Name: UID
Value: 1DXMTHUIWVJUGXPL4POIXSg1633346145
.bidswitch.net/ Name: c
Value: 1633346145
.bidswitch.net/ Name: tuuid_lu
Value: 1633346145
.doubleclick.net/ Name: IDE
Value: AHWqTUnpYcAf8tj_BeImwPY-LdfhD81M-A2V06759uA7oRs0eBMXdIhXAe8ypt94HbQ
.creativecdn.com/ Name: u
Value: vILCnOO8FkDyByRDnGZj
.creativecdn.com/ Name: ts
Value: 1633346145
.bidswitch.net/ Name: tuuid
Value: a4b8569b-e946-41bc-aa84-667f96ed1ccc
.e-volution.ai/ Name: v_usr
Value: ff48bc80-bda1-443a-9e12-53148583922d
paste.co.id/ Name: XSRF-TOKEN
Value: eyJpdiI6Inozbm1FdWRHZ1hmbW1abHZLaWtFQXc9PSIsInZhbHVlIjoiVjNTOGpPXC82Mm93emdYXC9FcGZOWkpBTmZGcHFJZGdQU09jV2J4TVJjM2Z2S0hxSzlPNWdiQWEzVnRNcEFiRHZCIiwibWFjIjoiY2Y1YjFhYjQzYTZlOWQ0ZDYyODYwYWM4NTNjNmRjNjllZDc4ZWU0NjQ2NDQ2NmIyNzE0MDFjNzFkZmZmN2Q4MCJ9
paste.co.id/ Name: pasteshr_session
Value: eyJpdiI6InRCU0JOaTV2WGFhODROV1RoZG1Vd0E9PSIsInZhbHVlIjoiQlh3OEhpY2liT3l2dU5JdnpZZGM0dFwvdlhkNVRoKzd5Qk1xXC94SUFva1RDZlI0bzN5bzVCUXBqb2ZYeGo3ZWNzIiwibWFjIjoiNDA0OTAzMzJmOTgyMTI3YWI3NTQxOTExZDA5MWEzNGEyZGIzOWRmMGU5ZWZkZjQ5MjU0MzI4NDZjNDhmOTUzOSJ9
.idealmedia.io/ Name: muidn
Value: l94IJsWh7lf4
.lentainform.com/ Name: muidn
Value: l94IJsWh7lf4
.erne.co/ Name: u
Value: 682H0CUJBRjCXTMwoTAMXlxj
.adsrvr.org/ Name: TDID
Value: efffffe0-07b1-4074-bdbc-e42b161a659f
dispatcher.adxcore.com/ Name: DISPATCHER
Value: DIS1
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjMqfyq4cyDOhAFOAE.
.mfadsrvr.com/ Name: tuuid
Value: 43907ff8-2ccd-489b-b0ff-5bf657ff135c
.mfadsrvr.com/ Name: c
Value: 1633346145
.mfadsrvr.com/ Name: tuuid_lu
Value: 1633346145
.mfadsrvr.com/ Name: ssh
Value: !mgid,1633346145
.adtelligent.com/ Name: vmuid
Value: 92355d3b9c26d420
cm.mgid.com/ Name: mg_sync
Value: {"287839":1633346145,"371158":1633346145,"501037":1633346145,"617666":1633346146}

3 Console Messages

Source Level URL
Text
network error URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FRtqoVy3Ejo
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
deprecation warning URL: https://static.lalaping.com/online.js?ver=2.0.0
Message:
RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
deprecation warning URL: https://static.lalaping.com/online.js?ver=2.0.0
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
bedrapiona.com
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dispatcher.adxcore.com
dozubatan.com
eus.rubiconproject.com
googleads.g.doubleclick.net
green.erne.co
iclickcdn.com
inpagepush.com
interst12.com
jsc.mgid.com
littlecdn.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
my.rtmark.net
o.wowreality.info
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
paste.co.id
perf.cdnads.com
pixel.rubiconproject.com
propeller-tracking.com
pseepsie.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
static.cdnativepush.com
static.lalaping.com
stats.g.doubleclick.net
sync.adtelligent.com
sync.e-volution.ai
toglooman.com
token.rubiconproject.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.qrcoder.co.uk
x.bidswitch.net
104.16.18.94
104.16.221.74
104.18.11.207
104.19.133.78
104.19.136.78
104.19.217.61
104.26.13.118
104.26.8.123
109.203.125.88
109.206.161.21
139.45.195.254
139.45.195.8
139.45.197.162
139.45.197.188
139.45.197.234
139.45.197.237
139.45.197.239
139.45.197.240
139.45.197.243
139.45.197.250
142.250.184.225
142.250.185.110
142.250.185.168
142.250.185.66
142.250.185.98
142.250.186.162
142.250.186.36
142.250.186.98
143.204.98.87
172.217.18.98
172.67.10.98
178.162.156.35
185.184.8.65
23.37.42.132
35.212.212.222
5.135.96.59
5.189.137.168
52.29.120.182
62.149.0.36
62.149.0.72
69.173.144.138
69.173.144.139
74.125.140.157
76.223.111.131
87.98.128.108
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
0255ba8a1ae341593c7a32c0e14b85ea4f1935087d8ed116a3992f0a7f8907c4
0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
0cd18f89b26f49f6ba4a8194ecfd367f08a9cae24d28bf2f02a004476fbaad90
0e80844ba59f2c00b3e415fdfce9f67ee902bf36c9286e4ab88f2a3d92083794
1077b52bcaa0221b6f9fb17bf019d9d2fbd3a2604179af74711f12b7618e14d7
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1613bb1ade5a89b973e72288cbc3883fce3657e7257c528822956fb643ededd2
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
16e65f665cc49772865d5e46455f2ef7a11a15cbc0962f43f98837f6c5e46ae5
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e
27b4d85d3016db92789e051bb3ea9ff8f76a8e7edc555f279138e2903205384c
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
29f919dbc99c1082e74540694026f9542b9a80b78073922fa0a4111377092926
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d28abba387215286b5428cdadf459db861cece8d44c43e2403ba06e58bbe71c
2eb3c474761f5ee03af19f834e558d791e4909ef08fffa3e913ea26a3b1424b3
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
35621b35e7573447ad731366b95cc1d90470ddeaeb08961dfc894f3b2facc013
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
3b71cafee3aa748879b39914c46091d269605071c131adc9ef37309749e8f1fe
3ccd7b6c64ba4b71f0db9d2002d589e0a15cd567536891dc87fe90063264d365
3e4fe58233b68ddf459893ccc5a0d938a4e60ad7f90dbff756f3b69704e8e47c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
4558632b17eb8388ef7aa11f2e80fe788e9334670e4e01802d759758f0c0da65
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
67a29b893fd282f0f336c865d0ecab90df56f18863f1e1064de65a0e62dc3a47
683cb9df11c61a975d8587dc40ec50e8516bd18b9b9c500615372581d27e4712
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0f6ff9dbdebf16fd835c4069d83b858784ad4387ef047e7a3bcf55c377febe
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
775838d75f44eb048309c2c27a38e021190d00652a2c3bf995082babbd24c08f
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
79608ed044b1bf4569cf31dcd176a26f53c471a03970ed70464412da09e82ecc
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
7bbdc632c93c78f5dc94e8a3ddeadd1f2acb2efab6b099cbf47504eb17c4cf2b
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
86d346d04ac4304fa681a2a2ab854cf156cbae19ff35a188cc600cc5d0d03164
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
87cd87744aa5873314feb68c3124765070bb2a4e7dfeef23b23ab4c67e7e6312
8803d6940ec3a25566da88341f5772793b638ae3b2e22e5b44c71e43f20e3581
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
8ac352419a63196a38f3166eb90fc965e96e2338c3b7d1570bbf54b596c307b1
8b5df479869a066694cf878a5d0752b310571f3a6f283d8d19a03ab9e1f2b673
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8b9040bec306000686e911cd81412d1b7cb4e8268c057351f55d01215ca7ff79
8bf5b63cb6813d7469b5e3404170149408167aa96d124b935a01c42d99110d8f
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
90b623d8c79ad63ceaeadf67f9e9661c04ce926319187c2f1c7beeebbc177999
92c9e465407abc0fff0234e4bfb7c667799f020377e08be8f494b0f7e1fdba9a
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b
b0edd8524eb10deb5eff33156f13c08bef26fdb2042fbbdabab02a7351d7c354
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b97da5069a00df3012c75cf8295a8290dca9ced906d67f4ba972a5b7c9355bdd
bcef0af5a6953da87ed9353729f60db60540b4bc5c9081b98bfae84f97e9128f
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
bfc457bbe2bd64e3c254e032d1e8252668c4166431764d9a2f3ecfe8a47f3a82
c049f42b0135ba00ec853380fa310c29b5b7bdfce210c0f80c3dfeb45365f712
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c7f99f1f3057c6c976955105d6a54e7149d2e037fb8d1d8a2df6e6d2043271fd
cc7b69dce7a199a83f41f4f0f14c3955c09788a452a9abc2aa5924ad984ee513
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0ec9dbfde0bd4317e84b614fc44ef5332a27d3363b38ab3b2f02ff484a33c85
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
dca2e5087612e2bf4420ce4fcd117fa4b2f20ae6ac67f9469c9e6fe45169907a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df0d0e06b89b812c5e64d53884b1092af8ad99e98b4b36eb9d5f3868b51aa978
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d697c2533dd266c943b504a8f3696c87377d38171c5979df27d3bf5970500c
e9cd157aaf539ecdef6120adb67acd9230c5ef7223133493e2339be589a71ff7
ea756ee47cf288fe4ff48e8e72686f24ec239d60cacc70f8f62017a694f8c075
ea956872aba11ad0988da83e59d62b3a8f25e07fcaad2dc9a4a6b82753515a2e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881