paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste.co.id/bWKv9ztFz8
Submission: On August 14 via manual (August 14th 2021, 4:28:14 am UTC) from ID

Summary HTTP 137 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 39 domains to perform 137 HTTP transactions. The main IP is 5.189.137.168, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is paste.co.id.
TLS certificate: Issued by R3 on June 22nd 2021. Valid for: 3 months.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	5.189.137.168 5.189.137.168	51167 (CONTABO) (CONTABO)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
6	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
10	139.45.196.145 139.45.196.145	9002 (RETN-AS) (RETN-AS)
19	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.203.125.88 109.203.125.88	31727 (NODE4-AS) (NODE4-AS)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:d76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
6	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
2	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4b21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	139.45.197.156 139.45.197.156	9002 (RETN-AS) (RETN-AS)
15	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	65.9.73.82 65.9.73.82	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	109.206.188.82 109.206.188.82	50245 (SERVEREL-AS) (SERVEREL-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
5 5	18.198.86.30 18.198.86.30	16509 (AMAZON-02) (AMAZON-02)
1 1	49.12.13.182 49.12.13.182	24940 (HETZNER-AS) (HETZNER-AS)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1 1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
137	38

16 5.189.137.168 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi465240.contaboserver.net

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dozubatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.145 (United Kingdom)

ASN9002 (RETN-AS, GB)

seeptoag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.125.88 (United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: euk-88894.eukservers.com

www.qrcoder.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

pseepsie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
itgiblean.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b21 (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.156 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.73.82 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.188.82 (Netherlands) 1 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.188.82.serverel.net

sync.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (The Dalles, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.198.86.30 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-86-30.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.13.182 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.182.13.12.49.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	mgid.com jsc.mgid.com c.mgid.com cdn.mgid.com servicer.mgid.com s-img.mgid.com cm.mgid.com	270 KB
16	paste.co.id paste.co.id	412 KB
10	seeptoag.net seeptoag.net	65 KB
9	google.com adservice.google.com www.google.com	36 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	225 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	11 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	3 KB
5	toglooman.com toglooman.com	124 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	11 KB
5	inpagepush.com inpagepush.com	34 KB
4	cloudflare.com cdnjs.cloudflare.com	49 KB
3	cdnativepush.com static.cdnativepush.com	5 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	rtmark.net my.rtmark.net	2 KB
3	google.de adservice.google.de www.google.de	1 KB
3	pseepsie.com pseepsie.com	45 KB
2	wowreality.info o.wowreality.info	398 B
2	1rx.io 2 redirects sync.1rx.io	743 B
2	unrulymedia.com 1 redirects usermatch.targeting.unrulymedia.com sync.targeting.unrulymedia.com	614 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	757 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	adsrvr.org 2 redirects match.adsrvr.org	907 B
2	adtelligent.com 1 redirects s.adtelligent.com sync.adtelligent.com	1 KB
2	onmarshtompor.com onmarshtompor.com	2 KB
2	googletagmanager.com www.googletagmanager.com	80 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	84 KB
1	itgiblean.com itgiblean.com	326 B
1	idealmedia.io cm.idealmedia.io	413 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	218 B
1	e-volution.ai 1 redirects sync.e-volution.ai	463 B
1	lentainform.com cm.lentainform.com	496 B
1	lalaping.com static.lalaping.com	34 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	656 B
1	dozubatan.com dozubatan.com	30 KB
1	bedrapiona.com bedrapiona.com	2 KB
1	iclickcdn.com iclickcdn.com	21 KB
1	qrcoder.co.uk www.qrcoder.co.uk
137	39

	Domain	Requested by
16	paste.co.id	paste.co.id cdnjs.cloudflare.com
15	s-img.mgid.com	jsc.mgid.com
10	seeptoag.net	paste.co.id seeptoag.net
8	cm.mgid.com	jsc.mgid.com s.adtelligent.com
7	www.google.com	paste.co.id tpc.googlesyndication.com
6	pagead2.googlesyndication.com	paste.co.id pagead2.googlesyndication.com tpc.googlesyndication.com
5	x.bidswitch.net	5 redirects
5	sb.scorecardresearch.com	2 redirects jsc.mgid.com
5	toglooman.com	iclickcdn.com toglooman.com
5	inpagepush.com	paste.co.id inpagepush.com
4	cdn.mgid.com	jsc.mgid.com
4	cdnjs.cloudflare.com	paste.co.id
3	servicer.mgid.com	jsc.mgid.com
3	static.cdnativepush.com	inpagepush.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	my.rtmark.net	inpagepush.com paste.co.id onmarshtompor.com
3	pseepsie.com	iclickcdn.com pseepsie.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	o.wowreality.info	static.lalaping.com
2	sync.1rx.io	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	creativecdn.com	2 redirects
2	match.adsrvr.org	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	c.mgid.com	jsc.mgid.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	onmarshtompor.com	iclickcdn.com
2	www.googletagmanager.com	paste.co.id www.googletagmanager.com
2	jsc.mgid.com	paste.co.id jsc.mgid.com
2	maxcdn.bootstrapcdn.com	paste.co.id maxcdn.bootstrapcdn.com
1	itgiblean.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	sync.adtelligent.com	1 redirects
1	sync.targeting.unrulymedia.com
1	usermatch.targeting.unrulymedia.com	1 redirects
1	cm.idealmedia.io
1	bidswitch-eu.splicky.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com
1	sync.e-volution.ai	1 redirects
1	cm.lentainform.com
1	secure-assets.rubiconproject.com	1 redirects
1	s.adtelligent.com	cm.mgid.com
1	www.google.de	paste.co.id
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.lalaping.com	toglooman.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	dozubatan.com	iclickcdn.com
1	bedrapiona.com	iclickcdn.com
1	iclickcdn.com	paste.co.id
1	www.qrcoder.co.uk	paste.co.id
137	54

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
clustermapping.us
socraticmed.net
www.halopajak.id
amara.org
freeguy.home.blog
www.hybrid-analysis.com
www.easymarks.org
www.vibrantbuzz.com
articlepedia.xyz
dcm.shivtr.com
ide.geeksforgeeks.org
www.peeranswer.com
paiza.io

Subject Issuer	Validity	Valid
paste.co.id R3	`2021-06-22` - `2021-09-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
inpagepush.com R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
seeptoag.net R3	`2021-08-11` - `2021-11-09`	3 months	crt.sh
qrcoder.co.uk cPanel, Inc. Certification Authority	`2021-08-14` - `2021-11-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
bedrapiona.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
dozubatan.com R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh
pseepsie.com R3	`2021-05-28` - `2021-08-26`	3 months	crt.sh
toglooman.com R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
onmarshtompor.com R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
cdnativepush.com R3	`2021-07-14` - `2021-10-12`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-08-05` - `2021-11-03`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
wowreality.info R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
itgiblean.com R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://paste.co.id/bWKv9ztFz8
Frame ID: 04A9F7EB3676F63DF613D4ABDE495E76
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 38AE51F25B65A6A572B18BBCBA96C781
Requests: 1 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=2a0c2932fd0c4f45b5bbe1335bf4158e&oaidts=1628915278
Frame ID: 81DE5028EB0C7506DAF0442922CD26ED
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1628915278&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628915278104&bpp=2&bdt=310&idt=270&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4378604846523&frm=20&pv=2&ga_vid=352520918.1628915278&ga_sid=1628915278&ga_hid=1217153136&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C31062297&oid=3&pvsid=2855949837188812&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=281
Frame ID: 2F61B46AE515617E3CDDB49FE3C00DB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2125710545&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1628915278&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628915278505&bpp=2&bdt=711&idt=2&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D352714a05e9f78ce-222e1f8aabc900e4%3AT%3D1628915278%3ART%3D1628915278%3AS%3DALNI_MajRgDZKpYw45-2huuHJSOOG2Mcqw&prev_fmts=0x0&nras=2&correlator=4378604846523&frm=20&pv=1&ga_vid=352520918.1628915278&ga_sid=1628915278&ga_hid=1217153136&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C31062297&oid=3&pvsid=2855949837188812&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7xI1GRBZvX&p=https%3A//paste.co.id&dtd=8
Frame ID: 7CD91DD1DD4F80F2D738A70347214FF7
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 627A7E517AACD47AF34175922C5BAFA0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 309AA4B3589C3356A82D1BF43D40C736
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06F5ED8EEEDE9E3D1FD7B8D080915300
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1628915279175928011779
Frame ID: 8AF7FC74775034916CB988C5C7A943EF
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 39498BEA3A16C3E565F40E126BE1F0D4
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: A4B52DED118CAF6C5AF60CB554DB8FB4
Requests: 3 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/0738745987824.png
Frame ID: E6F5A7C4478777D290E2ED18DC946C95
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

137
Requests

100 %
HTTPS

34 %
IPv6

39
Domains

54
Subdomains

38
IPs

6
Countries

1596 kB
Transfer

3929 kB
Size

13
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997452
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164878/i/57333099/0/pp/1/1?h=vxYVSRg4D7aZaUcZSTU58QqbdI1vFzk6nuK8YD4uKjukJN3XmCNuoximDF0dASdP&rid=0147af15-fcb8-11eb-8adb-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164888/i/57333099/0/pp/2/1?h=vxYVSRg4D7aZaUcZSTU58WfxIohKgTQapH5U-J0tRKxyteBbAA2E9evrpJvpLgN9&rid=0147af15-fcb8-11eb-8adb-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164872/i/57333099/0/pp/3/1?h=vxYVSRg4D7aZaUcZSTU58b92cStZ2j4qLfvg-_Pq437E0POwYYn4ruFjbLMsyAAO&rid=0147af15-fcb8-11eb-8adb-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164846/i/57333099/0/pp/4/1?h=vxYVSRg4D7aZaUcZSTU58eSVgxYRMJJ97wKCS-7Qx9TMZHyJ_CU3XwgiyImiYeKR&rid=0147af15-fcb8-11eb-8adb-d094662c24f7&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://clustermapping.us/organization/123movies-watch-free-guy-2021-hd-online-full-free-download
Title: https://clustermapping.us/organization/123movies-watch-free-guy-2021-hd-online-full-free-download

Search URL Search Domain Scan URL

URL: https://clustermapping.us/organization/123movies-4k-free-guy-2021-watch-online-full-hd-free-putlocker-0
Title: https://clustermapping.us/organization/123movies-4k-free-guy-2021-watch-online-full-hd-free-putlocker-0

Search URL Search Domain Scan URL

URL: https://clustermapping.us/organization/watch-free-guy-2021-hd-online-full-free-ryan-reynolds-almost
Title: https://clustermapping.us/organization/watch-free-guy-2021-hd-online-full-free-ryan-reynolds-almost

Search URL Search Domain Scan URL

URL: https://clustermapping.us/organization/123movies-watch-free-guy-2021-almost-hd-online-full-free-download-here
Title: https://clustermapping.us/organization/123movies-watch-free-guy-2021-almost-hd-online-full-free-download-here

Search URL Search Domain Scan URL

URL: https://clustermapping.us/organization/hdwatch-free-guy-2021-online-movie-full-free-sub-eng
Title: https://clustermapping.us/organization/hdwatch-free-guy-2021-online-movie-full-free-sub-eng

Search URL Search Domain Scan URL

URL: https://socraticmed.net/groups/123movies-watch-free-guy-online-movie-full-free-2021-08-11-sub-eng/
Title: https://socraticmed.net/groups/123movies-watch-free-guy-online-movie-full-free-2021-08-11-sub-eng/

Search URL Search Domain Scan URL

URL: https://socraticmed.net/groups/123movies-free-guy-2021-watch-online-full-hd-free-putlocker/
Title: https://socraticmed.net/groups/123movies-free-guy-2021-watch-online-full-hd-free-putlocker/

Search URL Search Domain Scan URL

URL: https://socraticmed.net/groups/hd-watch-free-guy-2021-full-movie-online-free-ryan-reynolds-almost/
Title: https://socraticmed.net/groups/hd-watch-free-guy-2021-full-movie-online-free-ryan-reynolds-almost/

Search URL Search Domain Scan URL

URL: https://socraticmed.net/groups/hd-almost-watch-free-guy-2021-full-movie-online-free/
Title: https://socraticmed.net/groups/hd-almost-watch-free-guy-2021-full-movie-online-free/

Search URL Search Domain Scan URL

URL: https://socraticmed.net/groups/hd-123movies-free-guy-2021-watch-full-movie-online-free/
Title: https://socraticmed.net/groups/hd-123movies-free-guy-2021-watch-full-movie-online-free/

Search URL Search Domain Scan URL

URL: https://www.halopajak.id/groups/123movies-free-guy-2021-watch-online-full-hd-free-ryan-reynolds-almost/
Title: https://www.halopajak.id/groups/123movies-free-guy-2021-watch-online-full-hd-free-ryan-reynolds-almost/

Search URL Search Domain Scan URL

URL: https://www.halopajak.id/groups/hd-almost-watch-free-guy-2021-full-movie-online-free/
Title: https://www.halopajak.id/groups/hd-almost-watch-free-guy-2021-full-movie-online-free/

Search URL Search Domain Scan URL

URL: https://www.halopajak.id/groups/hd-almost-watch-free-guy-2021-full-movie-online-free/group-info/
Title: https://www.halopajak.id/groups/hd-almost-watch-free-guy-2021-full-movie-online-free/group-info/

Search URL Search Domain Scan URL

URL: https://amara.org/en/profiles/profile/anfd5BvfHYG4MJF1JXFIIWM55EjqEicI7GEOLc1MCdA/
Title: https://amara.org/en/profiles/profile/anfd5BvfHYG4MJF1JXFIIWM55EjqEicI7GEOLc1MCdA/

Search URL Search Domain Scan URL

URL: https://freeguy.home.blog/2021/08/14/123movies-watch-free-guy-2021-movie-online-full-hd-free-putlocker/
Title: https://freeguy.home.blog/2021/08/14/123movies-watch-free-guy-2021-movie-online-full-hd-free-putlocker/

Search URL Search Domain Scan URL

URL: https://freeguy.home.blog/2021/08/14/ryan-reynolds-almost-saves-free-guy-believe-it-or-not-2021-08-11/
Title: https://freeguy.home.blog/2021/08/14/ryan-reynolds-almost-saves-free-guy-believe-it-or-not-2021-08-11/

Search URL Search Domain Scan URL

URL: https://www.hybrid-analysis.com/sample/d83bf873ae38c2909836b3f52a6afc5f38405b54b0585554bedb94341ebbf26a
Title: https://www.hybrid-analysis.com/sample/d83bf873ae38c2909836b3f52a6afc5f38405b54b0585554bedb94341ebbf26a

Search URL Search Domain Scan URL

URL: https://www.hybrid-analysis.com/sample/d83bf873ae38c2909836b3f52a6afc5f38405b54b0585554bedb94341ebbf26a/611732f14813ac53db39d29f
Title: https://www.hybrid-analysis.com/sample/d83bf873ae38c2909836b3f52a6afc5f38405b54b0585554bedb94341ebbf26a/611732f14813ac53db39d29f

Search URL Search Domain Scan URL

URL: http://www.easymarks.org/link/1035312/watch-free-guy-free-2021
Title: http://www.easymarks.org/link/1035312/watch-free-guy-free-2021

Search URL Search Domain Scan URL

URL: http://www.vibrantbuzz.com/article/1515498/ryan-reynolds-almost-saves-free-guy-believe-it-or-not-2021
Title: http://www.vibrantbuzz.com/article/1515498/ryan-reynolds-almost-saves-free-guy-believe-it-or-not-2021

Search URL Search Domain Scan URL

URL: https://articlepedia.xyz/ryan-reynolds-almost-saves-free-guy-2021-believe-it-or-not/
Title: https://articlepedia.xyz/ryan-reynolds-almost-saves-free-guy-2021-believe-it-or-not/

Search URL Search Domain Scan URL

URL: http://www.vibrantbuzz.com/link/979446/home-%e2%80%93-hd-almost-watch-free-guy-2021-full-movie-online-free-%e2%80%93-socratic-med
Title: http://www.vibrantbuzz.com/link/979446/home-–-hd-almost-watch-free-guy-2021-full-movie-online-free-–-socratic-med

Search URL Search Domain Scan URL

URL: https://dcm.shivtr.com/forum_threads/3576259
Title: https://dcm.shivtr.com/forum_threads/3576259

Search URL Search Domain Scan URL

URL: https://ide.geeksforgeeks.org/eXZpVtIErJ
Title: https://ide.geeksforgeeks.org/eXZpVtIErJ

Search URL Search Domain Scan URL

URL: https://www.peeranswer.com/question/6117376464d813fc5e96fee2
Title: https://www.peeranswer.com/question/6117376464d813fc5e96fee2

Search URL Search Domain Scan URL

URL: https://paiza.io/projects/064T9k_iZmDqWZ4SVser9g
Title: https://paiza.io/projects/064T9k_iZmDqWZ4SVser9g

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164831/i/57333099/0/pp/1/1?h=vxYVSRg4D7aZaUcZSTU58SueWeRRIhVcCRro0v9Ax_VZx52_Vom2ULkaEpF_PZke&rid=0149aca6-fcb8-11eb-bcff-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193504/i/57333099/0/pp/2/1?h=vxYVSRg4D7aZaUcZSTU58Xl9U37eMe__mkQeim3tIcsGA6XP-71s4M4Ky69wWG1q&rid=0149aca6-fcb8-11eb-bcff-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164878/i/57333099/0/pp/3/1?h=vxYVSRg4D7aZaUcZSTU58QqbdI1vFzk6nuK8YD4uKjtATrJGuUdGWwRqa3QyQM5s&rid=0149aca6-fcb8-11eb-bcff-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193529/i/57333099/0/pp/4/1?h=vxYVSRg4D7aZaUcZSTU58bVOlTjL01nhxBNmehuyKjUf80fA75SRFN-5R4PuKR9O&rid=0149aca6-fcb8-11eb-bcff-d094662c1c35&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164869/i/57333099/0/pp/1/1?h=vxYVSRg4D7aZaUcZSTU58S7nNUIzN7mpMtAKojjPWzlr22hoNMjghqcJyeV358Kp&rid=0148fc73-fcb8-11eb-9122-2cea7f875b01&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193489/i/57333099/0/pp/2/1?h=vxYVSRg4D7aZaUcZSTU58QXKDfn2X2xbt5vo72Ma9rXgBEB3kzUrBSNnKKWgSstx&rid=0148fc73-fcb8-11eb-9122-2cea7f875b01&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164909/i/57333099/0/pp/3/1?h=vxYVSRg4D7aZaUcZSTU58XyVa3Js0Lr6R_JXvaX1tv3SuTCGBDYL8X0_7iC3KbZA&rid=0148fc73-fcb8-11eb-9122-2cea7f875b01&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164835/i/57333099/0/pp/4/1?h=vxYVSRg4D7aZaUcZSTU58Xv2zQhuPckkOFjL-48EAowLbDQbx7bBSFj4iYIq6b4c&rid=0148fc73-fcb8-11eb-9122-2cea7f875b01&tt=Direct&att=3&afrd=8&iv=11&ct=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 115

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=9f81e39f-9a6a-40f1-90aa-c0864ea44079&ttl=1631507279

Request Chain 116

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=MqYKHMAHdBlHhndO5TcP&pi=mgid&tc=1

Request Chain 118

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l7dWbhG3c2rl HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

Request Chain 119

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDdkV2JoRzNjMnJs&muidn=l7dWbhG3c2rl HTTP 302
https://cm.mgid.com/google?muidn=l7dWbhG3c2rl&google_ula={guid},5&google_gid=CAESEPNBjzSvxnuSgHOiLgUpou0&google_cver=1

Request Chain 120

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=a44448ff-eef6-4808-a855-d55a150e73e6

Request Chain 121

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=423f4cd7-f1d3-4c21-aa44-67dc63322c07 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=423f4cd7-f1d3-4c21-aa44-67dc63322c07 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=423f4cd7-f1d3-4c21-aa44-67dc63322c07&gdpr=&gdpr_consent=&us_privacy=

Request Chain 123

https://x.bidswitch.net/sync?dsp_id=303&user_id=l7dWbhG3c2rl HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l7dWbhG3c2rl HTTP 302
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/423f4cd7-f1d3-4c21-aa44-67dc63322c07?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/423f4cd7-f1d3-4c21-aa44-67dc63322c07?gdpr=&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/bidswitch/423f4cd7-f1d3-4c21-aa44-67dc63322c07?zcc=1&dspret=0&cb=1628915279570 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-cd9544c6-f3f9-4524-87d2-1dc826a35b21-003

Request Chain 124

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1628915279305&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1628915279305&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&c9=

Request Chain 125

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1628915279306&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1628915279306&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&c9=

Request Chain 126

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
https://cm.mgid.com/m?cdsp=617666&c=97f8ef5b7539f983

137 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bWKv9ztFz8 Show response
paste.co.id/ 85 KB
25 KB 5140ms
5018ms Document
text/html 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/bWKv9ztFz8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: a41c200ffb948f513a819c6de0b7dbfa82597bfcc6ea8f00cf919bc19f5fd0f7

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /bWKv9ztFz8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
set-cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; expires=Sat, 14-Aug-2021 06:27:57 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D; expires=Sat, 14-Aug-2021 06:27:57 GMT; Max-Age=7200; path=/; httponly
content-encoding: gzip
vary: Accept-Encoding
content-length: 25207
date: Sat, 14 Aug 2021 04:27:57 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 28ms
12ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 807911
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 40b2c5e257c44c41b18e54bb6d5c182e
cf-ray: 67e76f065f734a98-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 bootstrap.min.css
paste.co.id/css/ 138 KB
18 KB 140ms
36ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/bWKv9ztFz8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:57 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "22688-5be452f6-4a15aa;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 18560
expires: Sat, 21 Aug 2021 04:27:57 GMT

GET
H3-29 200 mdb.min.css
paste.co.id/css/ 226 KB
22 KB 141ms
37ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

:path: /css/mdb.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/bWKv9ztFz8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:57 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "38940-5be452f6-4a15a9;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22616
expires: Sat, 21 Aug 2021 04:27:57 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 12ms
11ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 188614
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1624
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzBxIuSJ3bqUM9TkQ8u53JTMaRxioto4kZkwB42ypA1bZO5gjQmwp4m5slbZaqTNAc4aGpiO%2FLwGEXBK%2BpjM5uNGZU8iE2Ex3S%2FlJIMcSxQSNRrEWU5eQ%2BkHl5aMLcavvha%2B2Wchl4G5rf46MvvqGFix"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67e76f063c014a55-FRA
expires: Thu, 04 Aug 2022 04:27:57 GMT

GET
H3-29 200 special.min.css
paste.co.id/css/skins/ 3 KB
845 B 138ms
36ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/skins/special.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Request headers

:path: /css/skins/special.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/bWKv9ztFz8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:57 GMT
content-encoding: br
last-modified: Wed, 24 Apr 2019 12:08:22 GMT
server: LiteSpeed
etag: "bab-5cc051b6-5052d5;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 778
expires: Sat, 21 Aug 2021 04:27:57 GMT

GET
H3-29 200 app.min.css
paste.co.id/css/ 648 B
288 B 139ms
36ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/app.min.css?v=1.2
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

:path: /css/app.min.css?v=1.2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/bWKv9ztFz8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:57 GMT
content-encoding: br
last-modified: Fri, 05 Jun 2020 17:06:52 GMT
server: LiteSpeed
etag: "288-5eda7bac-4a15ad;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 222
expires: Sat, 21 Aug 2021 04:27:57 GMT

GET
H3-29 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
4 KB 137ms
35ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

:path: /plugins/prismjs/prism-okadia.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/bWKv9ztFz8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:57 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:43:52 GMT
server: LiteSpeed
etag: "326d-5c50d728-4c4795;br"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3354
expires: Sat, 21 Aug 2021 04:27:57 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 60ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba45b9535d8b81f446e72a0f37425bb253fe5a084d71d58830fb19f48d3f3529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49910
x-xss-protection: 0
server: cafe
etag: 16784155829801746734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
H2 200 3509488 Show response
inpagepush.com/400/ 83 KB
30 KB 119ms
49ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3509488

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

dbe66044132217047e9a50fa99575a80d0c6707b7a8aeb9577b1ceab7cc3f36a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: c1d470d546cb91ba3a800df11d5ae6e9
pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 ntfc.php Show response
seeptoag.net/ 15 KB
6 KB 115ms
32ms Script
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/ntfc.php?p=3534037
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: aa7b6d5b770a73bfa79bb530f6549221a559d0e366daa55005255ec66ae752db

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:13:56 GMT
server: nginx
etag: W/"61127b94-3b23"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3-29 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 149ms
148ms Image
image/png 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/img/default-avatar.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

:path: /img/default-avatar.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/bWKv9ztFz8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
last-modified: Wed, 28 Nov 2018 16:58:44 GMT
server: LiteSpeed
etag: "1b2d-5bfec944-90052b;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 6957
expires: Sat, 21 Aug 2021 04:27:58 GMT

GET
H2 200 paste.co.id.997452.js Show response
jsc.mgid.com/p/a/ 2 KB
1 KB 97ms
49ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dfc258187db25a77b8760110cb1dfbd9b13ed139c27b66ea7aa7fffb6055476

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ZM96RGWWFEMTCVM0
last-modified: Wed, 11 Aug 2021 13:01:06 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: f1RU5sYG6aTXJIRqOSOMw07h0oq770H1eGF8mHreUX85FMEEJkQm4l7ivq04a1wcHUg+YGpoSHA=
cf-bgj: minify
server: cloudflare
etag: W/"eed0b2793fc1188a769da05ae05f7063"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 67e76f07ddef3323-CDG
expires: Sat, 14 Aug 2021 07:27:58 GMT

GET
H/1.1 403
Forbidden /
www.qrcoder.co.uk/api/v1/ 0
0 179ms
34ms Image
text/html 109.203.125.88
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 109.203.125.88 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS: euk-88894.eukservers.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
28 KB 21ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 360254
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27433
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkTwpQuw7rQ0oogHaMgbFNNizuVrwBrNhBPehSc4bzMnlvpBx60DyXjKeD1uwSCM%2Ff4arNwqd%2FMVFEyVplcnVFbUFANn9Al4AQ8TdpKfMOn7%2F3eOaaa8SMWjAc8npkmSHcb%2FR6NxdPcEPVlpyXONJ7ry"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67e76f072c594ecd-FRA
expires: Thu, 04 Aug 2022 04:27:57 GMT

GET
H3-29 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 32ms
31ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/bWKv9ztFz8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:57 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c75f-5be452f6-4418f5;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 13341
expires: Sat, 21 Aug 2021 04:27:57 GMT

GET
H3-29 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
59 KB 77ms
76ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

:path: /js/mdb.min.js?v=2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/bWKv9ztFz8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:57 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:15:46 GMT
server: LiteSpeed
etag: "331d6-5c50d092-441907;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 60235
expires: Sat, 21 Aug 2021 04:27:57 GMT

GET
H3-29 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
16 KB 13ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 502060
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15668
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6895sEF6I5ZZwCCQKbQnNfnbdkpxUtN5%2FN1wzqbtC8DxvqwMs1V0dEtlkY%2FT3luAGR6j5wh%2BoU1E1o2QlKjqFDTXd8INNjTGScfaiThAP7e9p3SsmiqaPQPAejcdM%2ByX7xngO01DxHUbOK1CnapbEAaR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67e76f078ce24ecd-FRA
expires: Thu, 04 Aug 2022 04:27:58 GMT

GET
H3-29 200 ads.js Show response
paste.co.id/js/ 22 B
132 B 81ms
79ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/ads.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/bWKv9ztFz8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
last-modified: Sat, 14 Mar 2020 00:25:06 GMT
server: LiteSpeed
etag: "16-5e6c2462-441908;;;"
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 22
expires: Sat, 21 Aug 2021 04:27:58 GMT

GET
H3-29 200 app.min.js Show response
paste.co.id/js/ 1 KB
710 B 81ms
79ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/app.min.js?v=1.5
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

:path: /js/app.min.js?v=1.5
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/bWKv9ztFz8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
last-modified: Sat, 14 Mar 2020 00:34:12 GMT
server: LiteSpeed
etag: "5b0-5e6c2684-4418f7;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 643
expires: Sat, 21 Aug 2021 04:27:58 GMT

GET
H3-29 200 prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
112 KB 81ms
79ms Script
application/x-javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

:path: /plugins/prismjs/prism.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/bWKv9ztFz8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
last-modified: Sat, 24 Nov 2018 17:17:38 GMT
server: LiteSpeed
etag: "521a1-5bf987b2-4c4790;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 114523
expires: Sat, 21 Aug 2021 04:27:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 42ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d0117695832e89c6c003f7846b90435283e192220600b2800d9c653f6a68180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40915
x-xss-protection: 0
last-modified: Sat, 14 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 59 KB
21 KB 41ms
17ms Script
text/javascript 2606:4700:20::681a:d76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d155915dc255556fb696d51d847d0070941c6fc2f9ce03d869681b30b9222b24

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 59645
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-trace-id: ed256e463937c1059f2c81e64e1e727f
pragma: no-cache
last-modified: Fri, 13 Aug 2021 11:25:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngdYSGMw1EE5VP%2BcaJ2d7ZSlzoNDwZ6ILfiX2oTUzgWwuIYRnvOFQyfSFr9tChEcrpBp%2B4RYwpnD1Iuo7Jclw2jTx3IEutkbqn%2FIkMOhe3cTvAioIQ%2BKhyTKWc7O9QDE7h2SzJylBjLiYT8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 67e76f07ae40073e-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Sat, 14 Aug 2021 11:53:52 GMT

GET
H3-29 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 56ms
55ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
:path: /font/roboto/Roboto-Light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c0e4-5be452f6-900467;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49380
expires: Sat, 21 Aug 2021 04:27:58 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 27ms
18ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://paste.co.id
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617
age: 2345420
cdn-cachedat: 2021-06-08 21:27:38
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: cdafe510690689dc875ca0596a5bcb9b
accept-ranges: bytes
cf-ray: 67e76f079c8a9724-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-29 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 71ms
70ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
:path: /font/roboto/Roboto-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c054-5be452f6-900463;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49236
expires: Sat, 21 Aug 2021 04:27:58 GMT

GET
H3-29 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 43ms
42ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
:path: /font/roboto/Roboto-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
etag: "c338-5be452f6-900465;;;"
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 49976
expires: Sat, 21 Aug 2021 04:27:58 GMT

GET
H2 200 / Show response
bedrapiona.com/5/3724584/ 3 KB
2 KB 101ms
35ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3724584/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: eeaa0cd3b78f62abc84aafe6001c7df531b4fd569ad3e8df7939ad8d757ebbaf

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 68d8351f173749e772ec412a1222c91d
pragma: no-cache, no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://e2ertt.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://paste.co.id
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
93 KB 43ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4712388827405335&plah=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95570
x-xss-protection: 0
server: cafe
etag: 10066065015092213272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 38AE 10 KB
5 KB 26ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210809/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 13 Aug 2021 21:06:33 GMT
expires: Fri, 27 Aug 2021 21:06:33 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 26485
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 paste.co.id.997452.es6.js Show response
jsc.mgid.com/p/a/ 229 KB
64 KB 77ms
54ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367ea4a2337e669a6eeec1f614332c274bb6bb42706d0676516bd43c0c4ac0f5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 11CXMGF7BE7R9ZHG
last-modified: Wed, 11 Aug 2021 13:01:06 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: 0xtPTgHB/wHf9660SoPT9OcVmUVdP/+9OORXAJzMN5U27Od/cKGF1hocDsjfVQ16q1bVKjvb96o=
cf-bgj: minify
server: cloudflare
etag: W/"66d496ae6cda6046a274cae77419fd34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 67e76f086a720834-CDG
expires: Sat, 14 Aug 2021 07:27:58 GMT

GET
H2 200 zone Show response
seeptoag.net/ 696 B
980 B 34ms
33ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5722a26c28955f49b4f7e69f45c192bc8b4127a4323390e149f6c1835e957869

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: e808d8d245f90df565352ace92b2f39d
date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 696

GET
H2 200 universal.min.js Show response
seeptoag.net/pfe/current/ 106 KB
38 KB 115ms
49ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/universal.min.js?v=3.1.309
Requested by: Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 35751fd45cc96fc57e090b12cb1e4be8c29c99c930cc679874c6a9009c64b2f1

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:13:56 GMT
server: nginx
etag: W/"61127b94-1a71b"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

GET
H3-29 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
4 KB 12ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 195727
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2905
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ptrl9hxXwLgBgJeaLKp9jwuS2J18U%2FbuEWlWrUm%2BFbxctfNG0sYcVeaO2ag%2BKgtVeVPdUCGyYtG8wFXj7rA4EfXfVYXi4ndVuxJLPAtacoREoUedIK5hjWfA%2F64r1xINRwTksd%2FhGsB77d4LZpfeytzl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 67e76f09bfa04ecd-FRA
expires: Thu, 04 Aug 2022 04:27:58 GMT

GET
H2 200 3724582 Show response
dozubatan.com/400/ 83 KB
30 KB 118ms
49ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/400/3724582

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

503a5e90dfb6d6465fc14e26be82d59b7f67d45a538f64d480297db30406db79

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: d7ee2b2e3b3e2daabf4b6d3b4934229d
pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 tag.min.js Show response
pseepsie.com/pfe/current/ 15 KB
6 KB 100ms
30ms Script
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3ccbdd96d449ac73068148c6aee1355929c04a639071892b79a98ea8f710b49b

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:13:56 GMT
server: nginx
etag: W/"61127b94-3bfd"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 1 Show response
toglooman.com/ 7 KB
4 KB 100ms
33ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=3724583
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7a60efa64737080679b01847ab127ed07a7cbfd541ec5c693caf2b7cc06f2417

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-sc: YXslUcTJL6KvCcJMS2Nh_3sLDf4D8Jiqq8sZ6hByOtQmt3lSGPB0e5Tbl4UwjcwB4AiLrhWKfC6rYzpDk1KgRslYWHI=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 81DE 203 B
833 B 95ms
30ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=2a0c2932fd0c4f45b5bbe1335bf4158e&oaidts=1628915278

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

98c6714c552faeabfd6762b7d4293ae20071e173f970c99377e1d2c3afde0429

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=2a0c2932fd0c4f45b5bbe1335bf4158e&oaidts=1628915278
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

server: nginx
date: Sat, 14 Aug 2021 04:27:58 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: d589a5a014ac2478413f6fba544d75eb
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=2a0c2932fd0c4f45b5bbe1335bf4158e; expires=Sun, 14 Aug 2022 04:27:58 GMT; path=/; secure; SameSite=None oaidts=1628915278; expires=Sun, 14 Aug 2022 04:27:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

POST
H3-29 200 get-paste Show response
paste.co.id/ 4 KB
4 KB 1972ms
1971ms XHR
application/json 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/get-paste
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: c8357fc0dabde282a40f3726ae350efd8d572c9d92b9410c4e625668cae224e4

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: XSRF-TOKEN=eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9; pasteshr_session=eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D; __PPU_BACKCLCK_3724584=true
content-length: 63
:path: /get-paste
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/bWKv9ztFz8
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://paste.co.id/bWKv9ztFz8
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 14 Aug 2021 04:28:00 GMT
server: LiteSpeed
x-ratelimit-remaining: 58
content-type: application/json
cache-control: no-cache, private
x-ratelimit-limit: 60
set-cookie: XSRF-TOKEN=eyJpdiI6InE0UFlhYkNxMjJ0VDAxZ1hvVldMY2c9PSIsInZhbHVlIjoiK2hKeExMcm1UaGpPbTRqQUNkRzk0VU5mdUhmdk5OdkpLTUd1dXlNRmdTRWtaVStOYzZDRURkSGI4M1Y4RFZMZyIsIm1hYyI6Ijg0ZDliZGU4OTZmMDYzMzM1NDBhYzk5OWE2NjhkZGJjNWFkYzkxYmE2YTEwNTg0N2FhNDAzZmFkNGI1ZDI0MDcifQ%3D%3D; expires=Sat, 14-Aug-2021 06:28:00 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6IkVBQ0hLekJqM3Q4R2w5WXp2OWtzZFE9PSIsInZhbHVlIjoid3VvTlROcUtOU2JOK3FEOU5IVnkwQ2tjT293MEg3V1NSREl1QzJMckkrR3FwVHJiRTdVS1Vub3U2VzFGTjBqeSIsIm1hYyI6ImUwN2MzMTdhOGQwNGIxZTM3Mzg0Y2Y0NjEyYTVkN2M5MWI2NjI0NGQ3M2U0NDk2ODE5YWVjNGQxZThjZjc2NTcifQ%3D%3D; expires=Sat, 14-Aug-2021 06:28:00 GMT; Max-Age=7200; path=/; httponly
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3757

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
656 B 101ms
37ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=paste.co.id&callback=_gfp_s_&client=ca-pub-4712388827405335

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4712388827405335&plah=paste.co.id

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

6b516b5d98e7b3dffe572eb09e2dd2d07745168463c9d9066d11fa1fb612cedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 36ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F61 12 KB
4 KB 98ms
85ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1628915278&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628915278104&bpp=2&bdt=310&idt=270&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4378604846523&frm=20&pv=2&ga_vid=352520918.1628915278&ga_sid=1628915278&ga_hid=1217153136&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C31062297&oid=3&pvsid=2855949837188812&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=281

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1e869b14b92650079313659af5a7694609d87361655bc63fee03c93cf60918b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1628915278&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628915278104&bpp=2&bdt=310&idt=270&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4378604846523&frm=20&pv=2&ga_vid=352520918.1628915278&ga_sid=1628915278&ga_hid=1217153136&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C31062297&oid=3&pvsid=2855949837188812&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=281
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 14 Aug 2021 04:27:58 GMT
server: cafe
content-length: 4581
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 14-Aug-2021 04:42:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Aug 2021 04:27:58 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628854342869989"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27733
x-xss-protection: 0
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 48ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b830d0dadcba5e1c65ba915eea0be312fc4aece1c43627cc6e109bbe6c252ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40930
x-xss-protection: 0
last-modified: Sat, 14 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 96ms
32ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ef948a40ebec2139fb14c246e85c06c01b4cb4f0afe36403e1106772b41feb3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 32ms
32ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 14 Aug 2021 04:27:58 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 33ms
32ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 32ac6b32049f1be5e9a70862375c6c84
date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
540 B 85ms
33ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=75c70e8677d44d129cda10077323f9ef&zoneId=3534037&checkDuplicate=true&ymid=&var=

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4831c01b82e4037c01c51e6936cb0e9b630082a7bb72325086c0a18c83afb317

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4457
date: Sat, 14 Aug 2021 03:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sat, 14 Aug 2021 05:13:41 GMT

GET
H2 200 e7a959b3ff1528f9d4a38ed63f661a7b Show response
toglooman.com/27/ 362 KB
119 KB 48ms
47ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/e7a959b3ff1528f9d4a38ed63f661a7b

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=3724583

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

18da111eb5ece7a9f442894197a95bdc0fe92c7327fcb5a1b4451ed615f9f70f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 30 Jul 2021 07:48:38 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Fri, 29 Aug 2081 07:48:38 GMT

GET
H2 200 38 Show response
toglooman.com/42/ 0
495 B 86ms
85ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=3724583
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=3724583
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 81DE 43 B
490 B 39ms
32ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=2a0c2932fd0c4f45b5bbe1335bf4158e

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=2a0c2932fd0c4f45b5bbe1335bf4158e&oaidts=1628915278

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 zone Show response
pseepsie.com/ 665 B
949 B 33ms
32ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/zone?pub=0&zone_id=4022315&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d4d288693ec77b1dfe91b78d205bb03ed3098d09c59e12e739ba78c5748790f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 3cc9417729629d5c4dc2a8dc23fdc019
date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 665

GET
H2 200 universal.min.js Show response
pseepsie.com/pfe/current/ 106 KB
38 KB 92ms
30ms Fetch
application/javascript 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/universal.min.js?v=3.1.309
Requested by: Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 35751fd45cc96fc57e090b12cb1e4be8c29c99c930cc679874c6a9009c64b2f1

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:52 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:13:52 GMT
server: nginx
etag: W/"61127b90-1a71b"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7CD9 436 B
236 B 83ms
83ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2125710545&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1628915278&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628915278505&bpp=2&bdt=711&idt=2&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D352714a05e9f78ce-222e1f8aabc900e4%3AT%3D1628915278%3ART%3D1628915278%3AS%3DALNI_MajRgDZKpYw45-2huuHJSOOG2Mcqw&prev_fmts=0x0&nras=2&correlator=4378604846523&frm=20&pv=1&ga_vid=352520918.1628915278&ga_sid=1628915278&ga_hid=1217153136&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C31062297&oid=3&pvsid=2855949837188812&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7xI1GRBZvX&p=https%3A//paste.co.id&dtd=8

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ca16f19330f12dbffa95b51af2556f3f25a2c2df85e43ca031529e5dc34c002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2125710545&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1628915278&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628915278505&bpp=2&bdt=711&idt=2&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D352714a05e9f78ce-222e1f8aabc900e4%3AT%3D1628915278%3ART%3D1628915278%3AS%3DALNI_MajRgDZKpYw45-2huuHJSOOG2Mcqw&prev_fmts=0x0&nras=2&correlator=4378604846523&frm=20&pv=1&ga_vid=352520918.1628915278&ga_sid=1628915278&ga_hid=1217153136&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1347&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062182%2C31062297&oid=3&pvsid=2855949837188812&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7xI1GRBZvX&p=https%3A//paste.co.id&dtd=8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 14 Aug 2021 04:27:58 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: IDE=AHWqTUm3TppVA33IHtyB2G4OnG39DaZKZI4UTDU-YMQI7akARDS4i5bTgy9SzTWCeUA; expires=Thu, 08-Sep-2022 04:27:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Aug 2021 04:27:58 GMT
cache-control: private

GET
H2 200 3509488 Show response
inpagepush.com/500/ 5 KB
3 KB 188ms
188ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=&oaid=c9fd0c7102a34a47a803e0f4b615d3c5&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3c0060c1fa02b1f606902d3ca10696502913fb2a0ff44015a751b1ea9bba8706

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 28c2e35af54397c5141af80e07c48acf
pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 97ms
32ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 14 Aug 2021 04:27:58 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1217153136&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&ul=en-us&de=UTF-8&dt=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=366351668&gjid=363600718&cid=352520918.1628915278&tid=UA-137362802-1&_gid=770271417.1628915279&_r=1&gtm=2ou8b0&z=1971738501

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 25ms
14ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1217153136&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&ul=en-us&de=UTF-8&dt=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=69129111&gjid=770944284&cid=352520918.1628915278&tid=UA-174907544-1&_gid=770271417.1628915279&_r=1&gtm=2ou8b0&z=402359248

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onmarshtompor.com/ 2 KB
2 KB 33ms
33ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/?rb=qAPyIoJY64eGXcEi04p33YXX3YShht1DUirMbaw0MnryTSLL88XP2zVqsyiy3cL3xUohSyFAWrvQq0vhqw1UOPh8ZyOHtFXWr_IuQ58n7hf8UhWMytZ7SIAAxi_hoemU4we6DffIs-2f2G8-IX1INZchjcwaBJpgFxxQXZb_o8M47Oe2pJSZnQdV5hJx2N7h1Z-Uxevs8XmtKGELcdf7ZOYWojbRqcfLZ0zK08iN_2B1l19toK4jlahVbMq6NWA7QBhqKtvIws1HzIyWJaozkw%3D%3D&zoneid=3724584&request_ab2=24103&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=1&os=other&os_version=other&m=link

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a962e0e8562144d287e083b798e4f1d920f5f6772975dd5a44559b5748a08386

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://paste.co.id
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
34 KB 42ms
19ms Script
application/javascript 2606:4700:20::ac43:4b21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/e7a959b3ff1528f9d4a38ed63f661a7b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 6282
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWEXtZpyvXjC096EFTsVaAiHncl9T53Fy0ngI8Th%2B7DlC4YSV89rAIn2C5SeOd467h438easc7822WSQMQwGmHTR821v%2Fnx99Lyd70BLZDhoK011AdQnh%2BLm4OhZwKJzVu0%2FzFh1w2Sd7w0%2BExG%2FWRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 67e76f0b7ec6dfc7-FRA

POST
H2 204 9 Show response
toglooman.com/ 0
506 B 34ms
33ms XHR
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&sah=1200&drf=&hil=2&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/e7a959b3ff1528f9d4a38ed63f661a7b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 97ms
32ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&sah=1200&drf=&hil=2&ist=0
Protocol: H2
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 14 Aug 2021 04:27:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://paste.co.id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
431 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-137362802-1&cid=352520918.1628915278&jid=366351668&gjid=363600718&_gid=770271417.1628915279&_u=YAhAAUAAAAAAAC~&z=1754838737

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 14 Aug 2021 04:27:58 GMT
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 defaultSkin.min.js Show response
seeptoag.net/pfe/current/ 56 KB
19 KB 37ms
37ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
last-modified: Tue, 10 Aug 2021 13:13:56 GMT
server: nginx
etag: W/"61127b94-df63"
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
254 B 17ms
17ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-137362802-1&cid=352520918.1628915278&jid=366351668&_u=YAhAAUAAAAAAAC~&z=670625973

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 37ms
18ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-137362802-1&cid=352520918.1628915278&jid=366351668&_u=YAhAAUAAAAAAAC~&z=670625973

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 25ms
22ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
H3-29 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 25ms
23ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
H3-29 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 27ms
25ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
H3-29 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 25ms
23ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
H3-29 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 26ms
25ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
DATA 200
OK truncated
/ Frame 627A 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 32ms
32ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 14 Aug 2021 04:27:58 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 33ms
33ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: d2d6e8658ddb016f67b2e2b62dfabd6d
date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

OPTIONS
H2 200 custom
seeptoag.net/ Frame 0
0 32ms
32ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: H2
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 14 Aug 2021 04:27:58 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba45b9535d8b81f446e72a0f37425bb253fe5a084d71d58830fb19f48d3f3529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49910
x-xss-protection: 0
server: cafe
etag: 16784155829801746734
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 31ms
18ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

472a9a21685222790a3867e8d7c84df9a0e4ac9b39a9ee26853d34c22c94d2e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8514
x-xss-protection: 0

POST
H2 200 custom Show response
seeptoag.net/ 39 B
322 B 33ms
32ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/bWKv9ztFz8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: c8afbabb113aa114bfb7feeceb66dc58
date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 / Show response
c.mgid.com/pv/ 0
281 B 141ms
139ms Script
text/plain 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1628915278744469781408&uniqId=03296&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&lu=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&sessionId=6117464f-09f60&pageView=1&pvid=17b42eaa398821134bf&site=414527&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f0c3f8d3323-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 35ms
31ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 4325
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67e76f0c5f9b3323-CDG
expires: Sun, 15 Aug 2021 04:27:58 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
880 B 29ms
27ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: br
cf-cache-status: HIT
age: 14
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67e76f0c5f993323-CDG
expires: Sun, 15 Aug 2021 04:27:58 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
31ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 14 Aug 2021 04:27:58 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 309A 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 13 Aug 2021 20:35:50 GMT
expires: Sat, 13 Aug 2022 20:35:50 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 28328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 06F5 783 B
533 B 15ms
14ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f66da870a7849af122f5e187a3d09f55cd28992e0b80ac7082e76e1efb74fdae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7UB27YcQG2+to20UJsR3rA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

expires: Sat, 14 Aug 2021 04:27:58 GMT
date: Sat, 14 Aug 2021 04:27:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-7UB27YcQG2+to20UJsR3rA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 0738745987824.png
static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/ 577 B
1 KB 131ms
32ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/0738745987824.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 04:27:58 GMT
Last-Modified: Thu, 21 Feb 2019 14:00:06 GMT
Server: nginx
ETag: "5c6eaee6-241"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 577

GET
H3-29 200 1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js Show response
pagead2.googlesyndication.com/bg/ Frame 309A 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 12 Aug 2021 16:00:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13373
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 09:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Aug 2022 16:00:22 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=2855949837188812&bg=!9vWl9bHNAAbOj6irzo87ACkAdvg8Wuav9gBcJTEFyBDI-5mT7ddyOc1rMGtpu_dlvH2I_93EBo4TRwIAAABFUgAAAAtoAQcKACowH0QjQ077QzpwImkOyajaAvCDOEWXYxwvhFvYoPdmb-6opotpsFAjHbyZAoXqF5cHy551KltkU48fS-XLOUwlGl_vHxm-T95pmPd6fGrscD17ElLqYn66fjtEpv_9OGhn2i89P4MUpvQITBsXEr7o3cyJZWJadev23sSAW13slunYNAPqONDMm4KA-VfjIbgjiDSs5UiSiiJpo6daIV-A8ZYxobJ009QtdQwJrKDGpQvRd47tNZv_nuY5YFhD5OadJ04vOoKsi67ECXxyVz8f2JgxhCGIkcCHE1Nnahn2EcpAVa0q9RV-K0vQbb9d4SxNwkgJrS5tzEj5xtMIEyfeLtd0czeCvdUY9Ngu2KnOpKdSVbaCJtie3bINpgoOQMPj8aZnGRwxI-gdi37FlHQLwLXIN38QKCLhRVtf2gN5LVj0Mox3yFrcmFHbWo1aDeT28rsKsDl5kob5nJo8TstnKC01GmAKlJCs7zBdOiJFOApjA6Qy4Gm4krZF01U8QKetz23MF3y6Vn7LJ5XbHd7GVXaDFoOzHFTjGutafv7-E8n7aU4r0UzDc4QKeNuqbwiljKSTfauYJTIEEtcIU3aqhQScop7iCVrc5Qp_VOUfVC4TiMk-j3tzo7ZD8zgUwaEti7Q5WgUejiYHohgpJvdFN7e1W_FpgSSNQH9Zoq7oGJRdn_lIhKa-EU4yYUqRcjGrZAKg98JXN4cikpXCj4wo8baIqbTqQhXlkO6kCyCUgybDCAqxpHLSF5gV2WKrnxyOhFd22E4gqLqwrWAdmAdUgq7Y7_B2YzL4iuUpWAdHzBy2qkdNb3aMGkjQoBvbaSfssXHW9CtG3z2-06LAMsdIwQDhCgSLnfnGwXe7iW0CRFaLwkkbFaPvaWpR_ofbgYmZwYo-uI34-sXbzwPlMD5vlIk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
2 KB 80ms
78ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?pv=5&cbuster=1628915279022842853223&uniqId=03296&niet=4g&nisd=false&jsv=es6&w=840&h=249&p3_w=201&p3_h=203&maxw_3=201&maxh_3=203&cols=4&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&lu=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&sessionId=6117464f-09f60&pageView=1&pvid=17b42eaa398821134bf&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c378fc1fa0ceb951a53437f20f0576f915f4c6a90403557914faf45fb90deb92

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f0de82b3323-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 91ms
90ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=249&p3_w=201&p3_h=203&maxw_3=201&maxh_3=203&cols=4&pv=5&cbuster=1628915279022345809580&uniqId=11c1f&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&lu=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&sessionId=6117464f-09f60&pageView=0&pvid=17b42eaa398821134bf&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 979309bcc341dd1f7243eebf66bd8686ef9fdc23a8b66e64f6ef0a7e541db659

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f0de82c3323-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 86ms
85ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=255&h=441&p3_w=90&p3_h=177&maxw_3=90&maxh_3=177&cols=2&pv=5&cbuster=1628915279022710901734&uniqId=120ec&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&lu=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&sessionId=6117464f-09f60&pageView=0&pvid=17b42eaa398821134bf&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2904678e69e54e7e5a02df9819cde9538ce3087f24efd81d403f21da850054a8

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f0de82d3323-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 26ms
25ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 4326
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67e76f0e8d5f0834-CDG
expires: Sun, 15 Aug 2021 04:27:59 GMT

GET
H3-29 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 30ms
29ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
content-encoding: br
cf-cache-status: HIT
age: 15
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 50VWJQBT5W4QYKJG
x-amz-id-2: xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 67e76f0e8d610834-CDG
expires: Sun, 15 Aug 2021 04:27:59 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTItMDgvMTAxOTI0L2RlYTMyMDQ1ZDc5MGYxNWE1ZjZiYzIzOGRmOTNiOTU2LmpwZWc_dD0xNTQ0Mjc4Mzg1Mjk1.webp
s-img.mgid.com/g/8164878/492x328/0x10x1080x720/ 6 KB
7 KB 72ms
28ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164878/492x328/0x10x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTItMDgvMTAxOTI0L2RlYTMyMDQ1ZDc5MGYxNWE1ZjZiYzIzOGRmOTNiOTU2LmpwZWc_dD0xNTQ0Mjc4Mzg1Mjk1.webp?v=1628915279-CQJt9F7NeON2Ms-FuUcMQsV5GcVEaIx8OPrZmbvA3W0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 649093b24b977cb3735861f650f0fb0562fed000987ac695b0350e0eae410806

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:03:42 GMT
x-mg-request-uuid: 00b46366-80a7-4819-a458-71dcb96cb78d
age: 160934
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0ece0acdc3-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6124
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp
s-img.mgid.com/g/8164888/492x328/0x82x614x409/ 13 KB
13 KB 75ms
31ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164888/492x328/0x82x614x409/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp?v=1628915279-HWCOo5IZheP0652HPzw8JO8-8vfovaPQvz9RXySKz8g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecea4b30252d5bc011c7f9cafcac4239a9eb11f2dd8cd9dbc073073f875e8af8

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:36:09 GMT
x-mg-request-uuid: 0774ad67-7d32-42ea-b255-b70e1f5b93b6
age: 174887
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0ece0ccdc3-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13280
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ1YjFhNTc5YzA1MjgzZTMzYTIxODk2ODliN2E0NjFiLmpwZw.webp
s-img.mgid.com/g/8164872/492x328/0x0x492x328/ 9 KB
9 KB 1510ms
1466ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164872/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ1YjFhNTc5YzA1MjgzZTMzYTIxODk2ODliN2E0NjFiLmpwZw.webp?v=1628915279-4irfUCSHznEcaPJscEYoftgiLvbFKI2_sxY7sta9yPk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b93d572d605dee6ab33ed3eef8ec6a29a36b6281877184d7b576df6fa952bba

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:28:00 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:41:36 GMT
x-mg-request-uuid: 80ef36d8-b8de-4a80-8698-0ffda273f33b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0eee15cdc3-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9406
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81ZmJjMTMyYmJjMWZkMGIxM...
s-img.mgid.com/g/8164846/492x328/-/ 23 KB
23 KB 91ms
47ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164846/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81ZmJjMTMyYmJjMWZkMGIxMWFhNGRiZDdlMjAwZGQ0Ny5qcGc.webp?v=1628915279-TyCofyuSKuLfwRC5ZjXf9JGRnfRyuBe1Mg2UkbXkb0A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513370f76b04f6db086052f70e68e39f46f309b3fab98b353267f90841d61b16

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:49:31 GMT
x-mg-request-uuid: 9600afed-9ebf-4482-8c13-61abbe826efd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0ece0bcdc3-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23098
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0Lzc1M2JjNGVkZjQyYjkwNDAzNWE1MDZkMGJlNzNhMzkxLmpwZWc.webp
s-img.mgid.com/g/8164869/492x328/0x0x960x640/ 14 KB
14 KB 1861ms
1825ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164869/492x328/0x0x960x640/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0Lzc1M2JjNGVkZjQyYjkwNDAzNWE1MDZkMGJlNzNhMzkxLmpwZWc.webp?v=1628915279-8YaWc9tXI04uO6T6i_sNUcFa__LK5Q63UV-pASgPNPw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc3881935d50ed0dae6735118f7407a5101e22657cd5481e40ee8ccca422034d

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:28:00 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:45:21 GMT
x-mg-request-uuid: 7981a148-294b-427d-933d-269927170bb6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0ece0dcdc3-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14260
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81N2FjZDYwMGU3ODUyY2I1Z...
s-img.mgid.com/g/8193489/492x328/-/ 6 KB
6 KB 104ms
68ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193489/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81N2FjZDYwMGU3ODUyY2I1ZjMzMGUwMGIwMjYzN2U1My5qcGc.webp?v=1628915279-Gn3poP9oLgLBHjh6Qptn8Rx7dsPln9tCNYXGLo8rBS0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ce5de1bd0747a1cdb37ccc26cb5f135f7b0894bad3214046fcb5cc0d385785b

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:35:20 GMT
x-mg-request-uuid: 798ba899-c86a-41b1-9172-d779718d31fc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0ece0ecdc3-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6082
server: cloudflare

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp
s-img.mgid.com/g/8164909/492x328/16x0x492x328/ 10 KB
11 KB 49ms
26ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164909/492x328/16x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDQvMTAxOTI0L2QyODY2NTUxNTI3OGY0ZjM0ZmM4NjhiZWY2MDc5NzYxLmpwZWc.webp?v=1628915279-lGbSgGjY5SyE7zXVxQ3dCTv37RvQ3oynUc_oCHajvxI
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df205e3074c950bfb046901fe741685bfcebbe84986dcf38d06a531796a1aa89

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:25:56 GMT
x-mg-request-uuid: 367963c6-f677-48a7-92a5-d74d2bb79076
age: 1328859
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0f197e39b1-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10296
server: cloudflare

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp
s-img.mgid.com/g/8164835/492x328/0x91x1080x720/ 15 KB
16 KB 70ms
47ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164835/492x328/0x91x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDYvMTAxOTI0LzFmNGE0NmMwN2E1ZTliOTk5NTFhMjVmY2Y2YjhiY2Y3LmpwZWc_dD0xNTM4ODQ3ODI3MzQ2.webp?v=1628915279-_pIBajH2ydODFmdkbXr1mEgR7Z1947HF1GDvCFQXh5o
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d047f42c5906039f405b16f31972cc00b9e08cf5a8e2f5ab21eff54422155fe1

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:26:50 GMT
x-mg-request-uuid: 608f1936-78a3-4e0c-810a-06a98158a44c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0f197d39b1-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15574
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2Q2YmE1MzkwNzUwZmM3ZDY0MGFlMzdlNzNmMWMyMzQ0LkpQRUc.webp
s-img.mgid.com/g/8164831/492x328/0x25x541x360/ 9 KB
9 KB 825ms
799ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164831/492x328/0x25x541x360/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0L2Q2YmE1MzkwNzUwZmM3ZDY0MGFlMzdlNzNmMWMyMzQ0LkpQRUc.webp?v=1628915279-51kqWW_XN7UWbZIsuovbsS9bOBrQ5zwsmo_QCEfD1gk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f8baecffd34e8240c5ef91b2f4fdf14c4beca3222c18821f668c3444c97665d

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:55:15 GMT
x-mg-request-uuid: d1a9f4e5-006f-43e2-98c0-07653f11a32e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0ece09cdc3-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8872
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.mgid.com/g/8193504/492x328/88x0x631x420/ 15 KB
15 KB 84ms
58ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193504/492x328/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1628915279-HLrtQR7FWra2hhkDmfkw-jVqRSkxYA7A_wdZfT9cFiM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4aa768a275ab1427a036acb14f473bc076b7ed611b4c593528d2eede9e9aaf

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:52:22 GMT
x-mg-request-uuid: 550d23f3-1db3-4fe4-8abb-788de42a5aaf
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0ece08cdc3-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14996
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp
s-img.mgid.com/g/8193529/492x328/0x12x597x398/ 9 KB
9 KB 1347ms
1321ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193529/492x328/0x12x597x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0Lzk0NzczNWVkNjBlN2Q1M2UyN2U2NTk4ODdjYTFkMzk3LnBuZw.webp?v=1628915279-daovp3A0chkeI7VJ2nOrOBNrgYbRYou6YJOURcEnnb8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a799406088c69cebbdc571d7c246fc1c85ac3a0d97e3f081698a5d925dbd0c8

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:28:00 GMT
cf-cache-status: MISS
last-modified: Tue, 11 May 2021 10:52:08 GMT
x-mg-request-uuid: f98bc455-e31a-4128-9e0e-d2691047eb21
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0ece07cdc3-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8942
server: cloudflare

GET
H2 200 i.js Show response
cm.mgid.com/ 2 KB
839 B 85ms
79ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1628915279164366916582
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e87a868f9368fd60decf511b779e60d18ea62c7f4a0e30b00ae7d5f44f2e033

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9b26933d-dce9-4a10-ab65-1885fd4b3606
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f0ed87e3323-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 8AF7 19 B
164 B 82ms
82ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1628915279175928011779
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: de4b0231-b3a9-44bf-bb4d-603ef4fa62fd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f0ee8803323-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 96ms
31ms Script
application/javascript 65.9.73.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:25:27 GMT
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 153
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: SbhwQekHjeG7S0GCpxkZfobh8EhnZFmTAzzdW0bejJ07Tauy9MMSgA==

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTItMDgvMTAxOTI0L2RlYTMyMDQ1ZDc5MGYxNWE1ZjZiYzIzOGRmOTNiOTU2LmpwZWc_dD0xNTQ0Mjc4Mzg1Mjk1.webp
s-img.mgid.com/g/8164878/492x328/0x10x1080x720/ 6 KB
7 KB 29ms
28ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164878/492x328/0x10x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTItMDgvMTAxOTI0L2RlYTMyMDQ1ZDc5MGYxNWE1ZjZiYzIzOGRmOTNiOTU2LmpwZWc_dD0xNTQ0Mjc4Mzg1Mjk1.webp?v=1628915279-CQJt9F7NeON2Ms-FuUcMQsV5GcVEaIx8OPrZmbvA3W0
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 649093b24b977cb3735861f650f0fb0562fed000987ac695b0350e0eae410806

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:03:42 GMT
x-mg-request-uuid: 00b46366-80a7-4819-a458-71dcb96cb78d
age: 160934
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0f298c39b1-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6124
server: cloudflare

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp
s-img.mgid.com/g/8164888/492x328/0x82x614x409/ 13 KB
14 KB 36ms
36ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164888/492x328/0x82x614x409/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2E4NDA5NTEwMTIzMTAwNWVmMTM2YjAzM2UyMDFlNTU5LnBuZw.webp?v=1628915279-HWCOo5IZheP0652HPzw8JO8-8vfovaPQvz9RXySKz8g
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecea4b30252d5bc011c7f9cafcac4239a9eb11f2dd8cd9dbc073073f875e8af8

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 11:36:09 GMT
x-mg-request-uuid: 0774ad67-7d32-42ea-b255-b70e1f5b93b6
age: 174887
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0f298f39b1-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13280
server: cloudflare

GET
H3-29 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81ZmJjMTMyYmJjMWZkMGIxM...
s-img.mgid.com/g/8164846/492x328/-/ 23 KB
23 KB 36ms
36ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164846/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81ZmJjMTMyYmJjMWZkMGIxMWFhNGRiZDdlMjAwZGQ0Ny5qcGc.webp?v=1628915279-TyCofyuSKuLfwRC5ZjXf9JGRnfRyuBe1Mg2UkbXkb0A
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 513370f76b04f6db086052f70e68e39f46f309b3fab98b353267f90841d61b16

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:49:31 GMT
x-mg-request-uuid: 9600afed-9ebf-4482-8c13-61abbe826efd
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0f299039b1-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 23098
server: cloudflare

GET
H3-29 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp
s-img.mgid.com/g/8193504/492x328/88x0x631x420/ 15 KB
15 KB 46ms
46ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193504/492x328/88x0x631x420/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTEtMTQvMTAxOTI0LzhjZjZjYTM3NjE0MjljYzE4NjgzNWE1NjhhY2ZhZTY1LmpwZWc_dD0xNTEwNjU1NDgxODk1.webp?v=1628915279-HLrtQR7FWra2hhkDmfkw-jVqRSkxYA7A_wdZfT9cFiM
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.es6.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4aa768a275ab1427a036acb14f473bc076b7ed611b4c593528d2eede9e9aaf

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: HIT
last-modified: Tue, 11 May 2021 10:52:22 GMT
x-mg-request-uuid: 550d23f3-1db3-4fe4-8abb-788de42a5aaf
age: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 67e76f0f399c39b1-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14996
server: cloudflare

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 3949 1 KB
879 B 98ms
23ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=658327
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1628915279164366916582
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

Server: VertaMedia 1.0
Date: Sat, 14 Aug 2021 04:27:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 600
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A4B5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

87ms
28ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1628915279164366916582
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 14 Aug 2021 04:27:59 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sat, 14 Aug 2021 04:27:59 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=9f81e39f-9a6a-40f1-90aa-c0864ea44079&ttl=1631507279

43 B
506 B

81ms
81ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=9f81e39f-9a6a-40f1-90aa-c0864ea44079&ttl=1631507279
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b8556259-a049-4b23-a15a-fd885133bda6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f106e4a0834-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=9f81e39f-9a6a-40f1-90aa-c0864ea44079&ttl=1631507279
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=MqYKHMAHdBlHhndO5TcP&pi=mgid&tc=1

43 B
506 B

94ms
94ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=MqYKHMAHdBlHhndO5TcP&pi=mgid&tc=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 47261ca4-cb81-4653-aa2b-17c14c73594b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f103e320834-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=MqYKHMAHdBlHhndO5TcP&pi=mgid&tc=1
pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT, Sat, 14 Aug 2021 04:27:59 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
496 B 131ms
83ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l7dWbhG3c2rl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67e76f0faa2e407b-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H/1.1

204
No Content

sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain

https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=l7dWbhG3c2rl
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=

0
239 B

113ms
28ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 14 Aug 2021 04:27:59 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=&gdpr_consent=&us_privacy=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDdkV2JoRzNjMnJs&muidn=l7dWbhG3c2rl
https://cm.mgid.com/google?muidn=l7dWbhG3c2rl&google_ula={guid},5&google_gid=CAESEPNBjzSvxnuSgHOiLgUpou0&google_cver=1

0
369 B

76ms
76ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l7dWbhG3c2rl&google_ula={guid},5&google_gid=CAESEPNBjzSvxnuSgHOiLgUpou0&google_cver=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f100e1a0834-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l7dWbhG3c2rl&google_ula={guid},5&google_gid=CAESEPNBjzSvxnuSgHOiLgUpou0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=a44448ff-eef6-4808-a855-d55a150e73e6

43 B
553 B

80ms
80ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=a44448ff-eef6-4808-a855-d55a150e73e6
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:28:00 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 0de6fe4b-4172-409f-8a53-5a619e0c70fe
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f13dfc50834-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=a44448ff-eef6-4808-a855-d55a150e73e6
date: Sat, 14 Aug 2021 04:27:59 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=423f4cd7-f1d3-4c21-aa44-67dc63322c07
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=423f4cd7-f1d3-4c21-aa44-67dc63322c07
https://cm.mgid.com/m?cdsp=433145&c=423f4cd7-f1d3-4c21-aa44-67dc63322c07&gdpr=&gdpr_consent=&us_privacy=

43 B
522 B

82ms
82ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=423f4cd7-f1d3-4c21-aa44-67dc63322c07&gdpr=&gdpr_consent=&us_privacy=
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 768a480c-f497-4e05-bb53-a7ff345e03ef
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f112e900834-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=423f4cd7-f1d3-4c21-aa44-67dc63322c07&gdpr=&gdpr_consent=&us_privacy=
date: Sat, 14 Aug 2021 04:27:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
413 B 123ms
75ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l7dWbhG3c2rl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 67e76f0fac640493-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

RX-cd9544c6-f3f9-4524-87d2-1dc826a35b21-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l7dWbhG3c2rl
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l7dWbhG3c2rl
https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/423f4cd7-f1d3-4c21-aa44-67dc63322c07?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/423f4cd7-f1d3-4c21-aa44-67dc63322c07?gdpr=&gdpr_consent=
https://sync.1rx.io/usersync/bidswitch/423f4cd7-f1d3-4c21-aa44-67dc63322c07?zcc=1&dspret=0&cb=1628915279570
https://sync.targeting.unrulymedia.com/csync/RX-cd9544c6-f3f9-4524-87d2-1dc826a35b21-003

43 B
395 B

98ms
29ms

Image
image/gif

213.19.147.45
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-cd9544c6-f3f9-4524-87d2-1dc826a35b21-003
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
server: Tengine
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-cd9544c6-f3f9-4524-87d2-1dc826a35b21-003
pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-type: text/html
expires: 0

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1628915279305&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1628915279305&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Past...

64 B
328 B

46ms
46ms

Image
image/gif

65.9.73.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1628915279305&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: hckD1-Sk_bK-SJk3ZDG1arWsuRJ8sNxdLdFztjlq6L2MjFQnj_qAtA==

Redirect headers

date: Sat, 14 Aug 2021 04:27:59 GMT
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1628915279305&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&c9=
content-length: 272
x-amz-cf-id: 9AEP8rFYrjvhg1tSN_UIwHH8pxmZXo75ckuvcaaJptEkyIYKk5IjfA==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1628915279306&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1628915279306&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Past...

64 B
327 B

46ms
45ms

Image
image/gif

65.9.73.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1628915279306&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 14 Aug 2021 04:27:59 GMT
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: GBjgLM9chsh-rxoUw1UbnyI7Fc-QjAZYWt5Mzaj78Nzt1twshaaqzg==

Redirect headers

date: Sat, 14 Aug 2021 04:27:59 GMT
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1628915279306&ns_c=UTF-8&cv=3.5&c8=Ryan%20Reynolds%20(Almost)%20Saves%20Free%20Guy%2C%20Believe%20It%20or%20Not%20(2021)%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&c9=
content-length: 272
x-amz-cf-id: TKRo7fPzvviYH8pqBVEYn6BA95jPQNCdMiQETsop8ZhQTMsL7m783Q==

GET
H3-29

200

m
cm.mgid.com/ Frame 3949
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
https://cm.mgid.com/m?cdsp=617666&c=97f8ef5b7539f983

43 B
538 B

83ms
83ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=617666&c=97f8ef5b7539f983
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:27:59 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 31a70745-a692-47c5-b38e-d8b420ab9d01
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f12ff740834-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

Redirect headers

Location: https://cm.mgid.com/m?cdsp=617666&c=97f8ef5b7539f983
Date: Sat, 14 Aug 2021 04:27:59 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A4B5 31 KB
10 KB 31ms
31ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b0a7438fc8cab82d754146a72ab30a81c3edece242c9e72effdea4128bd212e1

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 04:27:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jul 2021 17:07:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14308
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Sat, 14 Aug 2021 08:26:27 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A4B5 284 B
536 B 123ms
36ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 95ms
31ms Preflight 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sat, 14 Aug 2021 04:27:59 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
398 B 120ms
52ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

Date: Sat, 14 Aug 2021 04:28:00 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H3-29 200 c
c.mgid.com/ 43 B
433 B 104ms
103ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=202|213|40|vxYVSRg4D7aZaUcZSTU58QqbdI1vFzk6nuK8YD4uKjukJN3XmCNuoximDF0dASdP&fw=1&extjs=66044&v=202|213|8|vxYVSRg4D7aZaUcZSTU58WfxIohKgTQapH5U-J0tRKxyteBbAA2E9evrpJvpLgN9&v=202|213|8|vxYVSRg4D7aZaUcZSTU58eSVgxYRMJJ97wKCS-7Qx9TMZHyJ_CU3XwgiyImiYeKR&cid=997452&h2=osGc9IG8QbaWdv591HpRpQoMGj-7EuUXAy7VongV0jg*&rid=0147af15-fcb8-11eb-8adb-d094662c24f7&tt=Direct&iv=11&pageImp=1&pvid=17b42eaa398821134bf&cbuster=16289152804213020613&tpl=0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Aug 2021 04:28:00 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: fea012a3-ac67-40ef-a3d6-c5d0edf8a51c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 67e76f16a9070834-CDG
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare

GET
H2 200 c-DoJ8Lo7zgPudKuvFfmCYpzOC-CFNGSmcoJrP_6sDLEK0-Vts0b8-2kmCaHZCS4F3T-ctHJx-SQI3IxHMqqdd0L463YbKeM7vVuQw2xKOxJCTMp99C6umdNFjXgEK3s-XFffCSbVgC9-OqkANnldcSMiFjBj438a1hDb8o3KmJpRaaHoXRCEdxHSgNtAljnc5zx9...
itgiblean.com/impression/ 43 B
326 B 109ms
40ms Image
image/gif 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itgiblean.com/impression/c-DoJ8Lo7zgPudKuvFfmCYpzOC-CFNGSmcoJrP_6sDLEK0-Vts0b8-2kmCaHZCS4F3T-ctHJx-SQI3IxHMqqdd0L463YbKeM7vVuQw2xKOxJCTMp99C6umdNFjXgEK3s-XFffCSbVgC9-OqkANnldcSMiFjBj438a1hDb8o3KmJpRaaHoXRCEdxHSgNtAljnc5zx98mDApvmvgnXCpwl4TALBSAODR43NOYFA1FOg2vpXijK1AAYw3V97PUCd5_6bYC10jzglpalZPxXpXIPbdGh8536_2h-EA4vtaHeWJ6rLBtofOVXfwoUZtF8q1Idbh-B_zIEfc7s0YikTqjaAHpN9hxbtX2Pk66z6lZHQ5-PX45s7yU3ecRhkmRDX5AP_ncalJmUX7zsgD4LJIRz5gil0FeeU0cnOsJnSZ_fkFp5bs1_RJtCi_gWY7Ffle9G_QMeh70DzF6EdFANd8z0wTowx9la-qEG1x1vpTNMIJ82f-cmGq-5C08wZUFX5TCt_AWxhY3iGiFzZwWfv4-JC2fkBoVdYd2-ED71Dqf6D2DW_Jyg0pYyHJ-87c8cF7hkqIjbU5K1M_X7-J9B9NjQ9MYXfdUQWqW_LnrSxq0ua53NB8qYPBx9NAq-gzi2wefoSifzkfkOhzDQTy5_IeQ8MEyBtLW9DXbQUIUy5HP66UprgehHO9WoNR7fJ4htKAKlO8um5A==?_z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=11&pl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 37c4b8f56c3fdf2d5fcede9f5bd8f1cb
pragma: no-cache
date: Sat, 14 Aug 2021 04:28:08 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0738745987824.png
static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/ Frame E6F5 577 B
1 KB 32ms
32ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/27/37/a4/8fd12ad9d8597ca0ddca80c749/0738745987824.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 04:28:08 GMT
Last-Modified: Thu, 21 Feb 2019 14:00:06 GMT
Server: nginx
ETag: "5c6eaee6-241"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 577

GET
H2 200 3509488 Show response
inpagepush.com/500/ 1 KB
2 KB 48ms
47ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=9614586&oaid=c9fd0c7102a34a47a803e0f4b615d3c5&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=12&pl=https%3A%2F%2Fpaste.co.id%2FbWKv9ztFz8&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5c54babda893499179681227636c0401823b83d35c2e228bddf424bfed2b6c99

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: e97f215974d87220ad82dee3e84e84fa
pragma: no-cache
date: Sat, 14 Aug 2021 04:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 32ms
32ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 14 Aug 2021 04:28:08 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H/1.1 200
OK 0377052970676.png
static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/ 2 KB
3 KB 32ms
32ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/fa/09/c3/d0d05f7d01ec388b4373228077/0377052970676.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 04:28:08 GMT
Last-Modified: Thu, 08 Apr 2021 14:22:06 GMT
Server: nginx
ETag: "606f118e-932"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 2354

Verdicts & Comments Add Verdict or Comment

169 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
onmarshtompor.com/	1970-01-20 05:14:11	Name: OAID Value: 2a0c2932fd0c4f45b5bbe1335bf4158e
.paste.co.id/	1970-01-19 20:28:35	Name: _gat_gtag_UA_174907544_1 Value: 1
.doubleclick.net/	1970-01-20 05:50:11	Name: IDE Value: AHWqTUm3TppVA33IHtyB2G4OnG39DaZKZI4UTDU-YMQI7akARDS4i5bTgy9SzTWCeUA
onmarshtompor.com/	1970-01-20 05:14:11	Name: oaidts Value: 1628915278
.paste.co.id/	1970-01-19 20:30:01	Name: _gid Value: GA1.3.770271417.1628915279
paste.co.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C997452%22%3A%7B%22page%22%3A1%7D%7D
paste.co.id/	1970-01-19 20:28:35	Name: prefetchAd_3724584 Value: true
.paste.co.id/	1970-01-19 20:28:38	Name: __PPU_BACKCLCK_3724584 Value: true
.paste.co.id/	1970-01-19 20:28:35	Name: _gat_gtag_UA_137362802_1 Value: 1
.paste.co.id/	1970-01-20 13:59:47	Name: _ga Value: GA1.3.352520918.1628915278
.paste.co.id/	1970-01-20 05:50:11	Name: __gads Value: ID=352714a05e9f78ce-222e1f8aabc900e4:T=1628915278:RT=1628915278:S=ALNI_MajRgDZKpYw45-2huuHJSOOG2Mcqw
paste.co.id/	1970-01-19 20:28:42	Name: pasteshr_session Value: eyJpdiI6Im1sOXNsWmZkaHZBQWFXTDZ2OXp5RFE9PSIsInZhbHVlIjoiVzJ5YW5uV2Jjc1hEaTUrU3REUHZxME51M2tBRFN5WHk4NGRwNFZRekEwNzByYm9zK2Q2c3VGVE9JSmV0VnJrYSIsIm1hYyI6IjQ0MDkwZGFhOWQ4OGU4MGIzZTc3ODFkNTAxZWM5ZGFiNjNiZTJiOWE2YjA5YzI0NDM2NDBhNjUzMjU4NDM3MjUifQ%3D%3D
paste.co.id/	1970-01-19 20:28:42	Name: XSRF-TOKEN Value: eyJpdiI6IjFWZ2NiU3lEdHhDZVJUTk1ENTlFd3c9PSIsInZhbHVlIjoiU1JUMG1cL1pwdk9GeklxTXU2MzZRWVRpS0lzSzZ6NFpMTm5zNlwvNE81aXN5eHhpVGtnNE52SHhxeVpxSDMrMjVyIiwibWFjIjoiMmQwYjU5M2RmZDcxY2E0Y2M3MWM4NzhiYjJkODhlZDM2YTIyZTkxOGU3MDQ5ZTAyOWVjOTkxY2E5ODUwODYzYSJ9

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	(Line 1) Message: SDK installer already started
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'setItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bedrapiona.com
bidswitch-eu.splicky.com
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dozubatan.com
eus.rubiconproject.com
googleads.g.doubleclick.net
iclickcdn.com
inpagepush.com
itgiblean.com
jsc.mgid.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
my.rtmark.net
o.wowreality.info
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
paste.co.id
pixel.rubiconproject.com
pseepsie.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.adtelligent.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
static.cdnativepush.com
static.lalaping.com
stats.g.doubleclick.net
sync.1rx.io
sync.adtelligent.com
sync.e-volution.ai
sync.targeting.unrulymedia.com
toglooman.com
token.rubiconproject.com
tpc.googlesyndication.com
usermatch.targeting.unrulymedia.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.qrcoder.co.uk
x.bidswitch.net
104.109.78.125
104.16.199.73
104.19.132.78
104.19.135.78
104.19.217.61
109.203.125.88
109.206.188.82
139.45.195.254
139.45.195.8
139.45.196.145
139.45.197.156
139.45.197.234
139.45.197.237
139.45.197.239
139.45.197.243
139.45.197.250
142.250.186.162
172.217.18.98
18.198.86.30
185.184.8.65
2.19.35.65
213.19.147.44
213.19.147.45
2606:4700:20::681a:d76
2606:4700:20::ac43:4b21
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c04::9b
2a0c:5c81:5095:0:225:90ff:fefa:245d
35.212.212.222
49.12.13.182
5.189.137.168
62.149.0.72
65.9.73.82
69.173.144.138
69.173.144.165
76.223.111.131
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
18da111eb5ece7a9f442894197a95bdc0fe92c7327fcb5a1b4451ed615f9f70f
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
2904678e69e54e7e5a02df9819cde9538ce3087f24efd81d403f21da850054a8
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
35751fd45cc96fc57e090b12cb1e4be8c29c99c930cc679874c6a9009c64b2f1
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
367ea4a2337e669a6eeec1f614332c274bb6bb42706d0676516bd43c0c4ac0f5
3c0060c1fa02b1f606902d3ca10696502913fb2a0ff44015a751b1ea9bba8706
3ccbdd96d449ac73068148c6aee1355929c04a639071892b79a98ea8f710b49b
3d0117695832e89c6c003f7846b90435283e192220600b2800d9c653f6a68180
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
472a9a21685222790a3867e8d7c84df9a0e4ac9b39a9ee26853d34c22c94d2e3
4831c01b82e4037c01c51e6936cb0e9b630082a7bb72325086c0a18c83afb317
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8baecffd34e8240c5ef91b2f4fdf14c4beca3222c18821f668c3444c97665d
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
503a5e90dfb6d6465fc14e26be82d59b7f67d45a538f64d480297db30406db79
513370f76b04f6db086052f70e68e39f46f309b3fab98b353267f90841d61b16
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5722a26c28955f49b4f7e69f45c192bc8b4127a4323390e149f6c1835e957869
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5b93d572d605dee6ab33ed3eef8ec6a29a36b6281877184d7b576df6fa952bba
5c54babda893499179681227636c0401823b83d35c2e228bddf424bfed2b6c99
649093b24b977cb3735861f650f0fb0562fed000987ac695b0350e0eae410806
6b516b5d98e7b3dffe572eb09e2dd2d07745168463c9d9066d11fa1fb612cedf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce5de1bd0747a1cdb37ccc26cb5f135f7b0894bad3214046fcb5cc0d385785b
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7761979199bf20d25fe4726392f9e6c268295e5d179b2bb5a683cb10fb6ad0d2
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a60efa64737080679b01847ab127ed07a7cbfd541ec5c693caf2b7cc06f2417
7a799406088c69cebbdc571d7c246fc1c85ac3a0d97e3f081698a5d925dbd0c8
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8dfc258187db25a77b8760110cb1dfbd9b13ed139c27b66ea7aa7fffb6055476
8e87a868f9368fd60decf511b779e60d18ea62c7f4a0e30b00ae7d5f44f2e033
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
979309bcc341dd1f7243eebf66bd8686ef9fdc23a8b66e64f6ef0a7e541db659
98c6714c552faeabfd6762b7d4293ae20071e173f970c99377e1d2c3afde0429
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9ca16f19330f12dbffa95b51af2556f3f25a2c2df85e43ca031529e5dc34c002
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a41c200ffb948f513a819c6de0b7dbfa82597bfcc6ea8f00cf919bc19f5fd0f7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a962e0e8562144d287e083b798e4f1d920f5f6772975dd5a44559b5748a08386
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7b6d5b770a73bfa79bb530f6549221a559d0e366daa55005255ec66ae752db
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b0a7438fc8cab82d754146a72ab30a81c3edece242c9e72effdea4128bd212e1
b0e7fadc3bee4745eb7e38e7684dc1ab8ffb8639d16f1ebdc21cbca2f9dbcc0b
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b830d0dadcba5e1c65ba915eea0be312fc4aece1c43627cc6e109bbe6c252ba3
ba45b9535d8b81f446e72a0f37425bb253fe5a084d71d58830fb19f48d3f3529
bc3881935d50ed0dae6735118f7407a5101e22657cd5481e40ee8ccca422034d
c378fc1fa0ceb951a53437f20f0576f915f4c6a90403557914faf45fb90deb92
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c8357fc0dabde282a40f3726ae350efd8d572c9d92b9410c4e625668cae224e4
d047f42c5906039f405b16f31972cc00b9e08cf5a8e2f5ab21eff54422155fe1
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
d155915dc255556fb696d51d847d0070941c6fc2f9ce03d869681b30b9222b24
d4d288693ec77b1dfe91b78d205bb03ed3098d09c59e12e739ba78c5748790f0
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
dbe66044132217047e9a50fa99575a80d0c6707b7a8aeb9577b1ceab7cc3f36a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df205e3074c950bfb046901fe741685bfcebbe84986dcf38d06a531796a1aa89
dfc621aca09ed0c1488b5131d842363a53b81589c81e60fd0de8d639f927acc6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ecea4b30252d5bc011c7f9cafcac4239a9eb11f2dd8cd9dbc073073f875e8af8
eeaa0cd3b78f62abc84aafe6001c7df531b4fd569ad3e8df7939ad8d757ebbaf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef948a40ebec2139fb14c246e85c06c01b4cb4f0afe36403e1106772b41feb3e
f1e869b14b92650079313659af5a7694609d87361655bc63fee03c93cf60918b
f66da870a7849af122f5e187a3d09f55cd28992e0b80ac7082e76e1efb74fdae
fe4aa768a275ab1427a036acb14f473bc076b7ed611b4c593528d2eede9e9aaf
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

paste.co.id Open in urlscan Pro 5.189.137.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

137 Requests

100 %HTTPS

34 %IPv6

39 Domains

54 Subdomains

38 IPs

6 Countries

1596 kBTransfer

3929 kBSize

13 Cookies

40 Outgoing links

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

100 %
HTTPS

34 %
IPv6

39
Domains

54
Subdomains

38
IPs

6
Countries

1596 kB
Transfer

3929 kB
Size

13
Cookies

137 HTTP transactions
1 data transactions