paste.co.id Open in urlscan Pro
2606:4700:3037::ac43:ae34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste.co.id/CGkGxTToTR
Submission: On September 04 via api (September 4th 2020, 6:25:30 pm UTC) from US

Summary HTTP 115 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 26 IPs in 9 countries across 29 domains to perform 115 HTTP transactions. The main IP is 2606:4700:3037::ac43:ae34, located in United States and belongs to CLOUDFLARENET, US. The main domain is paste.co.id.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2020. Valid for: a year.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3037::ac43:ae34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2606:4700::68... 2606:4700::6811:4e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
3	139.45.196.10 139.45.196.10	9002 (RETN-AS) (RETN-AS)
10	139.45.196.145 139.45.196.145	9002 (RETN-AS) (RETN-AS)
1 39	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.203.125.88 109.203.125.88	31727 (NODE4-AS) (NODE4-AS)
1	173.249.18.21 173.249.18.21	51167 (CONTABO) (CONTABO)
2	35.190.91.111 35.190.91.111	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	139.45.195.41 139.45.195.41	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.22.38 172.217.22.38	15169 (GOOGLE) (GOOGLE)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	52.29.176.117 52.29.176.117	16509 (AMAZON-02) (AMAZON-02)
1 1	67.231.251.190 67.231.251.190	40244 (TURNKEY-I...) (TURNKEY-INTERNET)
1	204.44.79.1 204.44.79.1	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	178.63.52.94 178.63.52.94	24940 (HETZNER-AS) (HETZNER-AS)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.255.148.227 34.255.148.227	16509 (AMAZON-02) (AMAZON-02)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1 1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	23.105.245.4 23.105.245.4	7979 (SERVERS-COM) (SERVERS-COM)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
115	26

18 2606:4700:3037::ac43:ae34 (United States)

ASN13335 (CLOUDFLARENET, US)

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.10 (Ascension Island)

ASN9002 (RETN-AS, EU)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.145 (Ascension Island)

ASN9002 (RETN-AS, EU)

seeptoag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 104.19.135.78 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.125.88 (Salford, United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: server.switchtowood.co.uk

www.qrcoder.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.249.18.21 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: berkas.co

berkas.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.111 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 111.91.190.35.bc.googleusercontent.com

lovelydrum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.41 (Ascension Island)

ASN9002 (RETN-AS, EU)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.29.176.117 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-176-117.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.231.251.190 (Latham, United States) 1 redirects

ASN40244 (TURNKEY-INTERNET, US)
PTR: 67-231-251-190.static.as40244.net

pixel.s3xified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.44.79.1 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 204.44.79.1.static.quadranet.com

b.admedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.52.94 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.94.52.63.178.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.148.227 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-148-227.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.4 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	mgid.com 1 redirects jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com c.mgid.com	671 KB
18	paste.co.id paste.co.id	454 KB
10	seeptoag.net seeptoag.net	78 KB
7	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	144 KB
6	doubleclick.net 2 redirects stats.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	3 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	gstatic.com fonts.gstatic.com	48 KB
4	cloudflare.com cdnjs.cloudflare.com	50 KB
3	google-analytics.com www.google-analytics.com	18 KB
3	inpagepush.com inpagepush.com	26 KB
3	googletagmanager.com www.googletagmanager.com	105 KB
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	822 B
2	adsrvr.org 2 redirects match.adsrvr.org	902 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	google.de www.google.de adservice.google.de	996 B
2	google.com www.google.com adservice.google.com	996 B
2	rtmark.net my.rtmark.net	2 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	lovelydrum.com lovelydrum.com	30 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	lentainform.com cm.lentainform.com	328 B
1	idealmedia.io cm.idealmedia.io	555 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	229 B
1	admedia.com b.admedia.com	317 B
1	s3xified.com 1 redirects pixel.s3xified.com	372 B
1	berkas.co berkas.co	4 KB
1	qrcoder.co.uk www.qrcoder.co.uk	555 B
115	29

	Domain	Requested by
18	s-img.mgid.com	paste.co.id
18	paste.co.id	paste.co.id cdnjs.cloudflare.com
10	seeptoag.net	paste.co.id seeptoag.net
7	cm.mgid.com	jsc.mgid.com paste.co.id
5	x.bidswitch.net	5 redirects
5	c.mgid.com	1 redirects paste.co.id
5	fonts.gstatic.com	fonts.googleapis.com
4	pagead2.googlesyndication.com	paste.co.id pagead2.googlesyndication.com
4	servicer.mgid.com	jsc.mgid.com
4	jsc.mgid.com	paste.co.id
4	cdnjs.cloudflare.com	paste.co.id
3	tpc.googlesyndication.com	lovelydrum.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	inpagepush.com	paste.co.id inpagepush.com
3	www.googletagmanager.com	paste.co.id www.googletagmanager.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cm.g.doubleclick.net	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	match.adsrvr.org	2 redirects
2	my.rtmark.net	inpagepush.com paste.co.id
2	fonts.googleapis.com	paste.co.id
2	lovelydrum.com	paste.co.id lovelydrum.com
2	maxcdn.bootstrapcdn.com	paste.co.id maxcdn.bootstrapcdn.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cm.lentainform.com	paste.co.id
1	cm.idealmedia.io	paste.co.id
1	bidswitch-eu.splicky.com	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	b.admedia.com	paste.co.id
1	pixel.s3xified.com	1 redirects
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	ad.doubleclick.net	lovelydrum.com
1	www.google.de	paste.co.id
1	www.google.com	paste.co.id
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.mgid.com	paste.co.id
1	berkas.co	paste.co.id
1	www.qrcoder.co.uk	paste.co.id
115	42

This site contains links to these domains. Also see Links.

Domain
cookie-consent.app.forthe.top
widgets.mgid.com
www.mgid.com
berkas.co

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-10` - `2021-07-10`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
seeptoag.net Let's Encrypt Authority X3	`2020-07-07` - `2020-10-05`	3 months	crt.sh
qrcoder.co.uk cPanel, Inc. Certification Authority	`2020-07-29` - `2020-10-27`	3 months	crt.sh
berkas.co Let's Encrypt Authority X3	`2020-07-12` - `2020-10-10`	3 months	crt.sh
lovelydrum.com Let's Encrypt Authority X3	`2020-09-04` - `2020-12-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-08-28` - `2020-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.admedia.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-27` - `2022-03-02`	2 years	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://paste.co.id/CGkGxTToTR
Frame ID: E65A73757C7B352BE30AC82F0F45D8CA
Requests: 109 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1599243919897121298846
Frame ID: 76183F03503E4EB2C8D11F099C78EF45
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 289691953B3E8FED84A1168A7456D363
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: F19B87696022DCCDF0E0F7062CFF8D1E
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 002B225F0F86A5614C9D52E4F13737CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200831/r20190131/zrt_lookup.html
Frame ID: 48B4B0706D77DB4C12C45DDC84B2FDF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1599243921&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&tp=site_kit&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FCGkGxTToTR&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1599243921043&bpp=10&bdt=2111&idt=46&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5560910529387&frm=20&pv=2&ga_vid=1108760184.1599243920&ga_sid=1599243921&ga_hid=1381408023&ga_fc=0&iag=0&icsg=4222127335076850&dssz=43&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723322%2C21066647%2C21066944%2C21067105&oid=3&pvsid=3714611282137937&pem=594&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=57
Frame ID: FE4750AAA49B57EC056B8923AD3E0DDB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: F1317DC8A20F995DFE72277FC87BE8F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

115
Requests

99 %
HTTPS

41 %
IPv6

29
Domains

42
Subdomains

26
IPs

9
Countries

1744 kB
Transfer

4331 kB
Size

8
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://cookie-consent.app.forthe.top/why-websites-use-cookies/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997452

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3835476/i/57333099/0/pp/1/1?h=_sxm3dWW0Cx3SyMde27RIOOP0X3D-tCRoiIKZWfwg7KidjcWEhIogCP4pVR8oOtR&rid=fd068be4-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb&muid=k84jmJLAltpb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3859212/i/57333099/0/pp/2/1?h=_sxm3dWW0Cx3SyMde27RIBIBhbiA5CLe0rwPDynVRqL2LYYSkeILsTMuoIn1D0YW&rid=fd068be4-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb&muid=k84jmJLAltpb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6288128/i/57333099/0/pp/3/1?h=_sxm3dWW0Cx3SyMde27RICWRMIyTNNAUKGA9XE6aD5s8V7ssTLA7CHX4wsDsU3_C&rid=fd068be4-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb&muid=k84jmJLAltpb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4723166/i/57333099/0/pp/4/1?h=_sxm3dWW0Cx3SyMde27RIIKeQJ0lztBu1KudgDjIU2a2GKJt8z3Ube0S2pVFkIlC&rid=fd068be4-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb&muid=k84jmJLAltpb

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=914924

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3948448/i/126987/0/pp/1/1?h=xa1b2nv5CJg9bwOfp4vRXhrsahgtqkNusNFLkwg_v5YHIlFHYm76JWt6YGAAgY_K&rid=fd051158-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb&muid=k84j8Z0ni2pb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097658/i/126987/0/pp/2/1?h=xa1b2nv5CJg9bwOfp4vRXl0u_riJ9EgGbLAC-KMFYCH8B5M_q7h9LYgyUHKFSE0B&rid=fd051158-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb&muid=k84j8Z0ni2pb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3944300/i/126987/0/pp/3/1?h=xa1b2nv5CJg9bwOfp4vRXuG4nYNu5rGzRXD-mEBqVwUwY7HE5xazfAHeBVCE7_zT&rid=fd051158-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb&muid=k84j8Z0ni2pb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5523139/i/126987/0/pp/4/1?h=xa1b2nv5CJg9bwOfp4vRXn8vHJ7iiG0B-alCPuORMvx8nw-0YFfvoECvS2K5fpsq&rid=fd051158-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb&muid=k84j8Z0ni2pb

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997454

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3944302/i/57333101/0/pp/1/1?h=9NORY9iDnt_F_dn8P681k8ftmZESXl0LgAcbye4BZAmY7hKJN9KfxN7wh7z5CCzG&rid=fcfc40e7-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805664/i/57333101/0/pp/2/1?h=9NORY9iDnt_F_dn8P681k1rQ5HBS4pHoFTALzNGeLwA3Nzm_1wZnSqUdgoKyiRr9&rid=fcfc40e7-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805477/i/57333101/0/pp/3/1?h=9NORY9iDnt_F_dn8P681k61g5tlcrnWl_HFXG4oYdsnVi4OTnfGW1XVGNFxf0xov&rid=fcfc40e7-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097644/i/57333101/0/pp/4/1?h=9NORY9iDnt_F_dn8P681kz8QVTxtJW7yobEPDNCNhji61FSmI-rcP2A0hNQo3b5T&rid=fcfc40e7-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097656/i/57333101/0/pp/5/1?h=9NORY9iDnt_F_dn8P681k5dP6njUOTVjRZ8OIbhv2cRwPi422LZVQeFlrWtaBgDb&rid=fcfc40e7-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3859212/i/57333101/0/pp/6/1?h=9NORY9iDnt_F_dn8P681kxIBhbiA5CLe0rwPDynVRqKkiyndzQCXneAvrr6mpfnQ&rid=fcfc40e7-eedb-11ea-b123-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997457

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3887977/i/57333104/0/pp/1/1?h=Pvw_0VVHf4SY8NZR1ioX5IZN1UtS_fzuPLvenjuT3OeWhs6IaJ3zbhjYrRvtAthK&rid=fd0162ae-eedb-11ea-a4aa-d09466576dad&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb&muid=k84j4HhDdupb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4023145/i/57333104/0/pp/2/1?h=Pvw_0VVHf4SY8NZR1ioX5Kf5pg_m0ZvG0YqNh837WHYxQ4R2UHpUxAmQ5UnX4I4l&rid=fd0162ae-eedb-11ea-a4aa-d09466576dad&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb&muid=k84j4HhDdupb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097645/i/57333104/0/pp/3/1?h=Pvw_0VVHf4SY8NZR1ioX5EYyYG2uFZnmjteX4AOiTclqoXLydqI8Y0jx65uARhPU&rid=fd0162ae-eedb-11ea-a4aa-d09466576dad&tt=Direct&cpm=1&iv=11&fp=6126ecbf9bb2d0e0c163527479e170fb&muid=k84j4HhDdupb

Search URL Search Domain Scan URL

URL: https://berkas.co/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 85

https://x.bidswitch.net/sync?dsp_id=303&user_id=k84jmJLAltpb HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k84jmJLAltpb HTTP 302
https://pixel.s3xified.com/dspsync/?pid=bidswitch&buid=d47b013a-5c06-447d-b4ec-4b1259b42eb6 HTTP 302
https://b.admedia.com/sync/uid/?uid=ce1083b7b1e0c3bbc7688ced79e1bc08

Request Chain 86

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=cAqTbERC4ijrpd2JDtfb&pi=mgid&tc=1

Request Chain 87

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=d47b013a-5c06-447d-b4ec-4b1259b42eb6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=d47b013a-5c06-447d-b4ec-4b1259b42eb6 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=d47b013a-5c06-447d-b4ec-4b1259b42eb6&gdpr=&gdpr_consent=&us_privacy=

Request Chain 89

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=bb7ca047-6bc8-44f3-adcb-5aab8f1d4b0a&ttl=1601835920

Request Chain 90

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=2bd0f0e1-5597-4f4a-b275-ad36029fe8a4

Request Chain 91

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azg0am1KTEFsdHBi&muidn=k84jmJLAltpb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azg0am1KTEFsdHBi&muidn=k84jmJLAltpb&google_tc= HTTP 302
https://cm.mgid.com/google?muidn=k84jmJLAltpb&google_ula={guid},5&google_gid=CAESEB8cPRJ7uoa7KSwskABQHmk&google_cver=1

Request Chain 101

https://c.mgid.com/c?pv=2&v=0|0|0|YydILjwNO5aK5VDcka1ka3OJJnpqirYfja0u2ApLLkiS2X8pWomaWjHdVP1rS6vC&cid=756446&f=1&h2=QQqqtV8iIRJbOIlEsWXet3iIRCw5aJaSpM4M_SpA4o4*&rid=z3509488zb5920476bcDEcp2ph2020090413h&psid=1_3509488&cp=154&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzM4Mzk0MTQvMzI4eDMyOC84NHgweDc1OHg1MDUvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNVGt0TURjdk1UQXhPVEkwTHpJNE1HVXdaVEl5WVRrME5EZzROVEEzWmpNME16QTJZV001TTJKbE9XTTFMbXB3WldjKi53ZWJw HTTP 301
https://s-img.mgid.com/g/3839414/328x328/84x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc%2A.webp

115 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request CGkGxTToTR Show response
paste.co.id/ 80 KB
23 KB 25112ms
24980ms Document
text/html 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.21 PleskLin
Resource Hash: 5faa5a18920800f81775999b3f595c4866880d52d75c05af4561f722ba8daa9c

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /CGkGxTToTR
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 04 Sep 2020 18:25:18 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da8fcef12b3ba0dd45c214a5da3b63b761599243893; expires=Sun, 04-Oct-20 18:24:53 GMT; path=/; domain=.paste.co.id; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6ImFPVDVXdmxtSWhKWWpFZk56NHh0MFE9PSIsInZhbHVlIjoiREEycW5xVmVtMlE1akxoa013eGtGTkdUNGRSaGtvcDFDVnh5NUpUM2JcL2JqaVR0UVgyT1pCQzM5emRqMThKckEiLCJtYWMiOiI0NmUyODQzMzlhMDljMWRmMTU5OGU2OTg3YmViY2MwYjA3ZjQ1Y2JkM2QzNTQ4NWY2ZWJkZWE0MjAyNTEyMWQ0In0%3D; expires=Fri, 04-Sep-2020 20:25:18 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6IkxPWE1JNnNLd1wvN1lyVjFZMzRQSEh3PT0iLCJ2YWx1ZSI6IklOc1NJZzVwREhZWTRvYVFOMXI2ellRZ1JZVFFnUTVwNDFDUXdJQkJoMHQzYzV6ZXNpZEJ3ZlJuTVBacjlrS3IiLCJtYWMiOiJjM2VmOWMyNDI4OTFlNWI4ODUzNGMyODAyYzE5ZWNmZWUyYmVmMjE3MDM0YzJmNWUyNTZlN2VkODg5YWRjODdjIn0%3D; expires=Fri, 04-Sep-2020 20:25:18 GMT; Max-Age=7200; path=/; httponly
vary: Accept-Encoding
x-powered-by: PHP/7.3.21 PleskLin
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
cf-cache-status: DYNAMIC
cf-request-id: 04fbf654bd0000c2e59b9ee200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5cd9c0012d3bc2e5-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js Show response
paste.co.id/cdn-cgi/apps/head/ 15 KB
5 KB 19ms
16ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748851c4d2e38c4f7587afb6b6e54dfc26e7329018d27911115f1840e251d4a8

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 5275
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: D0911C5B4E041A66
x-amz-id-2: YMin1C46vzlNUrrfaP6DrYT+OlTNcAKNH9nhUHsuFozpdXeSXEjuqC+jcFccDsXzGTZe5rKsZtI=
last-modified: Thu, 09 Apr 2020 07:01:53 GMT
server: cloudflare
etag: W/"b41983019dc124823e0cbe364e0a102d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: FzzEO.YKJ_vU2aF7romPpg.vx2TIcrhF
cf-request-id: 04fbf6b65c0000c2e59bbf5200000001
cf-ray: 5cd9c09d6c44c2e5-FRA

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 28ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 bootstrap.min.css
paste.co.id/css/ 138 KB
19 KB 32ms
29ms Stylesheet
text/css 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
age: 5276
x-powered-by: PleskLin
etag: W/"22688-5ac747a546840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-ray: 5cd9c09d6c38c2e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6b65c0000c2e59bbf0200000001

GET
H2 200 mdb.min.css
paste.co.id/css/ 226 KB
23 KB 28ms
26ms Stylesheet
text/css 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
age: 5275
x-powered-by: PleskLin
etag: W/"38940-5ac747a548780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-ray: 5cd9c09d6c3bc2e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6b65c0000c2e59bbf1200000001

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 15ms
13ms Stylesheet
text/css 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:18 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 156370
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
cf-request-id: 04fbf6b65c0000dfd360a4b200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5cd9c09d6cacdfd3-FRA
expires: Wed, 25 Aug 2021 18:25:18 GMT

GET
H2 200 special.min.css
paste.co.id/css/skins/ 3 KB
902 B 16ms
14ms Stylesheet
text/css 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/skins/special.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
age: 5275
x-powered-by: PleskLin
etag: W/"bab-5ac747a548f50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-ray: 5cd9c09d6c3dc2e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6b65c0000c2e59bbf2200000001

GET
H2 200 app.min.css
paste.co.id/css/ 648 B
359 B 51ms
50ms Stylesheet
text/css 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/app.min.css?v=1.2
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"288-5ac747a548f50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-ray: 5cd9c09d6c40c2e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6b65c0000c2e59bbf3200000001

GET
H2 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 9 KB
2 KB 15ms
14ms Stylesheet
text/css 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 56e69505309ad13371b84dc4c0b215e3ec23919f59c5e61b6ed1add33d28a74b

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 5275
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6b65c0000c2e59bbf4200000001
last-modified: Sun, 09 Aug 2020 16:39:13 GMT
server: cloudflare
etag: W/"326d-5ac747a631614"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-polished: origSize=12909
cf-ray: 5cd9c09d6c42c2e5-FRA
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 34ms
30ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f56c925bf8086fb43d9399c2ab521c74af90e726a1d5e6eb03d9c431cbc2f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35610
x-xss-protection: 0
last-modified: Fri, 04 Sep 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Sep 2020 18:25:19 GMT

GET
H/1.1 200
OK 3509488 Show response
inpagepush.com/400/ 65 KB
24 KB 76ms
24ms Script
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3509488

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

b02a949098843b133472f71077168d06e3d8ac3d45c73ef498325e33e153e4d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 24e5ded97992982b44a34ac8c2939e51
Pragma: no-cache
Date: Fri, 04 Sep 2020 18:25:19 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK ntfc.php Show response
seeptoag.net/ 42 KB
13 KB 55ms
19ms Script
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/ntfc.php?p=3534037
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: c18b5a5d82547778d1e4a2e0030b223e45891cb9fe4724c59b042b538e731aab

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Sep 2020 18:25:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 08:37:13 GMT
Server: nginx
ETag: W/"5f50ab39-a750"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 41ms
38ms Image
image/png 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/img/default-avatar.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 5271
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6957
cf-request-id: 04fbf6b6bd0000c2e59bbff200000001
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
etag: "1b2d-5ac747a5eb4fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 5cd9c09dfd39c2e5-FRA

GET
H2 200 paste.co.id.997452.js Show response
jsc.mgid.com/p/a/ 269 KB
75 KB 75ms
53ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88e4186e955f762fd2c67e13cbd4a749754ae3f473808812f82f57bdb3b7f398

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 6149
cf-polished: origSize=275913
status: 200
last-modified: Fri, 04 Sep 2020 04:52:05 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 50698699BE26CD13
x-amz-id-2: o5n73pRzNtOaTbNXcEEZRR4/IfwvGp3EJBUtTxDkFPHcZgyyGVyphQYjQlSi1CHGICLpmX5ucWY=
cf-bgj: minify
server: cloudflare
etag: W/"fb0ad602f6833ee02e491811a48de26c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 04fbf6b6d000000eb31cb5f200000001
cf-ray: 5cd9c09e1d0c0eb3-FRA
expires: Fri, 04 Sep 2020 19:25:19 GMT

GET
H2 200 paste.co.id.914924.js Show response
jsc.mgid.com/p/a/ 269 KB
75 KB 64ms
57ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af546c3ab1fa9743a046cc27b5c9487afffe61b31f3eb9a8e1e0b3a96d4aed7

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 1744
cf-polished: origSize=274994
status: 200
last-modified: Fri, 04 Sep 2020 10:15:30 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 51F1CACAEA482DFA
x-amz-id-2: w48e6sAQ1u6rLLq07yJaoVJhNX3yp5GOjD0JPF+JHCU9cjQm5HbCfd4Q49b3WaBWE0iOUIIiN0o=
cf-bgj: minify
server: cloudflare
etag: W/"3f8feec9c225e535eb81e8cd0e72e56e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 04fbf6b6d000000eb31cb60200000001
cf-ray: 5cd9c09e1d100eb3-FRA
expires: Fri, 04 Sep 2020 19:25:19 GMT

GET
H2 200 paste.co.id.997454.js Show response
jsc.mgid.com/p/a/ 270 KB
76 KB 34ms
32ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997454.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a32b2ac26cb8ece117c2980fe6f681125cc37c2a3ca792b706075654111e7d3

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 6148
cf-polished: origSize=276585
status: 200
last-modified: Fri, 04 Sep 2020 04:55:57 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: D414D5C10EB50EA7
x-amz-id-2: zl6gIzlFgQO2u8de/o0G2UTSU/2u+exI8BiAxa/qr1exSmrG0U1nnbpBPdem6e86KlXdqhW19fc=
cf-bgj: minify
server: cloudflare
etag: W/"c2acb6305b7db42eab7bf6eebdbf4e90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 04fbf6b6d000000eb31cb61200000001
cf-ray: 5cd9c09e1d110eb3-FRA
expires: Fri, 04 Sep 2020 19:25:19 GMT

GET
H2 200 paste.co.id.997457.js Show response
jsc.mgid.com/p/a/ 270 KB
75 KB 47ms
46ms Script
text/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997457.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3f41ee54a73e18b7c7823ee79e1cd09473d2235c80b1c6b540643b1565ccd7b

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 6149
cf-polished: origSize=276553
status: 200
last-modified: Fri, 04 Sep 2020 04:59:04 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: A34B9B7EB30BCE8D
x-amz-id-2: FewlCueTwVJ5lVeFCEpH1V00LVbJRIbp85mPCHpUcV1Gr/FFE8fFiq9BcRecVGPkE3HokslT43U=
cf-bgj: minify
server: cloudflare
etag: W/"57a72be798e8389d6b0fe4e09a57bc0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 04fbf6b6d200000eb31cb62200000001
cf-ray: 5cd9c09e1d190eb3-FRA
expires: Fri, 04 Sep 2020 19:25:19 GMT

GET
H/1.1 200
OK /
www.qrcoder.co.uk/api/v1/ 280 B
555 B 187ms
93ms Image
image/png 109.203.125.88
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FCGkGxTToTR
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 109.203.125.88 Salford, United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS: server.switchtowood.co.uk
Software: Apache /
Resource Hash: 952a3a45beb94ba95a3db898dfad7225dfe536854f27e0791d279e334c4c8aa4

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Sep 2020 18:25:17 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H/1.1 200
OK logo.png
berkas.co/ds1/img/ 4 KB
4 KB 162ms
83ms Image
image/png 173.249.18.21
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://berkas.co/ds1/img/logo.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.249.18.21 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: berkas.co
Software: nginx/1.16.1 / RHZ SECURITY
Resource Hash: 5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Sep 2020 18:25:19 GMT
ETag: "e5e-5a81d91e86dc0"
Last-Modified: Mon, 15 Jun 2020 11:17:19 GMT
Server: nginx/1.16.1
X-Powered-By: RHZ SECURITY
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3678

GET
H2 200 email-decode.min.js Show response
paste.co.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
858 B 9ms
8ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:18 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 01 Sep 2020 23:31:46 GMT
server: cloudflare
etag: W/"5f4ed9e2-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5cd9c09dac9ec2e5-FRA
cf-request-id: 04fbf6b6840000c2e59bbf7200000001
expires: Sun, 06 Sep 2020 18:25:18 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
29 KB 26ms
26ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":31536000,"success_fraction":0.01,"include_subdomains":true,"response_headers":["cf-ray"]}
age: 943450
cf-ray: 5cd9c09dbd71dfd3-FRA
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6b6900000dfd360a4e200000001
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
etag: W/"5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":31536000,"endpoints":[{"url":"https://www.cloudflare.com/cdn-cgi/beacon/nel-inserter-prod?req_id=pseudo-uid&lkg-colo=fra&lkg-time=1599243919&lkg-ip=2a01:4f8:121:131a::2","weight":90},{"url":"https://gcp.nel.cloudflare.com/report?lkg-colo=fra&lkg-time=1599243919&lkg-ip=2a01:4f8:121:131a::2","weight":10}],"include_subdomains":true}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
expires: Wed, 25 Aug 2021 18:25:19 GMT

GET
H2 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 21ms
21ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
age: 5275
x-powered-by: PleskLin
etag: W/"c75f-5ac747a6131b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5cd9c09dbccec2e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6b68f0000c2e59bbf8200000001

GET
H2 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
60 KB 59ms
55ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"331d6-5ac747a612dcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5cd9c09dfd30c2e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6b6bd0000c2e59bbfb200000001

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
15 KB 19ms
15ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 770056
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15668
cf-request-id: 04fbf6b6bd0000dfd360a5a200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
etag: "5eb03fcb-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5cd9c09dfe17dfd3-FRA
expires: Wed, 25 Aug 2021 18:25:19 GMT

GET
H2 200 ads.js Show response
paste.co.id/js/ 22 B
131 B 15ms
10ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/ads.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 5274
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6b6bd0000c2e59bbfc200000001
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
etag: W/"16-5ac747a6131b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5cd9c09dfd34c2e5-FRA
cf-bgj: minify

GET
H2 200 app.min.js Show response
paste.co.id/js/ 1 KB
744 B 64ms
60ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/app.min.js?v=1.5
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5b0-5ac747a6125fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5cd9c09dfd36c2e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6b6bd0000c2e59bbfd200000001

GET
H2 200 prism.js Show response
paste.co.id/plugins/prismjs/ 327 KB
113 KB 59ms
55ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7fb176a5a03a77422ae9f0180501ff1def1dbb2d80888d72f86642d9b575437f

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 5274
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6b6bd0000c2e59bbfe200000001
last-modified: Sun, 09 Aug 2020 16:39:13 GMT
server: cloudflare
etag: W/"521a1-5ac747a630e44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-polished: origSize=336289
cf-ray: 5cd9c09dfd38c2e5-FRA
cf-bgj: minify

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 43ms
28ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12c584766b6e3d95137e843e8f07b6c4c75a130d016308c906197ef754e886d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35611
x-xss-protection: 0
last-modified: Fri, 04 Sep 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Sep 2020 18:25:19 GMT

GET
H2 200 99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add Show response
lovelydrum.com/ 94 KB
29 KB 318ms
288ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Requested by

Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

bb7b288b4b105bd832d74df2e5e80e99640b7f4d8ab88e979b0e2e9f69f72f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "b276d3f7f72725e564fa6107001dc8a64e65a0d7af1286e17c06bd54717e8d7e"
vary: Accept-Encoding, Accept-Language
x-hostname: neal
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Fri, 04 Sep 2020 18:25:19 GMT
timing-allow-origin: *

GET
H2 200 ODDUj0AVpwTFCkac0C-t0V4Mg-4.js Show response
paste.co.id/cdn-cgi/apps/body/ 150 KB
42 KB 25ms
23ms Script
application/javascript 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/apps/body/ODDUj0AVpwTFCkac0C-t0V4Mg-4.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c84459f0c92349eac14ab94fa19f3dace511b376e32e84cf3b41e96a67730ff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 366740
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8E1693FA779BC9AE
x-amz-id-2: 619oY5EiMWnIH+3ctv2P6OjgUDUSOI3p+Xbg8bokkX+5v8aEF2XW+HRvQDXYNaEXOzk8Nd/4gcc=
last-modified: Thu, 09 Apr 2020 07:01:53 GMT
server: cloudflare
etag: W/"a204e0ca2fbab92074b1b60e5111cc70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: jjfCmrRnJA2UeSB7s0B3k.91AXU7Ac5O
cf-request-id: 04fbf6b6fc0000c2e59b805200000001
cf-ray: 5cd9c09e6debc2e5-FRA

GET
H2 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 19ms
17ms Font
application/octet-stream 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
age: 5273
x-powered-by: PleskLin
etag: "c0e4-5ac747a5a2501"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 200
accept-ranges: bytes
cf-ray: 5cd9c09dfd3bc2e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49380
cf-request-id: 04fbf6b6be0000c2e59b800200000001

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 277ms
11ms Font
font/woff2 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://paste.co.id
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 21ms
20ms Font
application/octet-stream 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
age: 5273
x-powered-by: PleskLin
etag: "c054-5ac747a5a05c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 200
accept-ranges: bytes
cf-ray: 5cd9c09dfd3dc2e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49236
cf-request-id: 04fbf6b6be0000c2e59b801200000001

GET
H2 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 18ms
18ms Font
application/octet-stream 2606:4700:3037::ac43:ae34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
age: 5271
x-powered-by: PleskLin
etag: "c338-5ac747a5a09a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 200
accept-ranges: bytes
cf-ray: 5cd9c09e3da8c2e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49976
cf-request-id: 04fbf6b6e60000c2e59b804200000001

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 769520
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2905
cf-request-id: 04fbf6b8010000dfd360a9c200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5cd9c0a00a2ddfd3-FRA
expires: Wed, 25 Aug 2021 18:25:19 GMT

GET
H/1.1 200
OK zone Show response
seeptoag.net/ 695 B
1 KB 16ms
16ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

051a0d7cd2f20d6c69537e9f318d4e73081c840bcdbf9d7b46b9b73b02437d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 75d4733276859baeda8f9ca91ddd5942
Date: Fri, 04 Sep 2020 18:25:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 695

GET
H/1.1 200
OK universal.min.js Show response
seeptoag.net/pfe/current/ 143 KB
43 KB 46ms
21ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/universal.min.js?v=3.1.259
Requested by: Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 78c49b5b6c2475dac10ef696450901f564c076a0ad7ec63aff88f2e21fe51a87

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Sep 2020 18:25:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 08:37:13 GMT
Server: nginx
ETag: W/"5f50ab39-23d8d"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 16ms
14ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Sep 2020 16:36:09 GMT
server: ESF
date: Fri, 04 Sep 2020 18:25:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Sep 2020 18:25:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
647 B 23ms
21ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Sep 2020 17:09:14 GMT
server: ESF
date: Fri, 04 Sep 2020 18:25:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Sep 2020 18:25:19 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 16ms
15ms Image
image/svg+xml 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 1294
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 04fbf6b87900000eb31cb81200000001
cf-ray: 5cd9c0a0cb700eb3-FRA

GET
DATA 200
OK truncated
/ 575 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 400cf46f4296c8d1aae202531b893401d905ddd7f9aaaf7aaf52261f0621b24b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

POST get-paste
paste.co.id/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 4179
date: Fri, 04 Sep 2020 17:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Fri, 04 Sep 2020 19:15:40 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1809608c8bed1d74037ab70a713e9d9abbbd86554db1ebdad4f91a5b936590ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35615
x-xss-protection: 0
last-modified: Fri, 04 Sep 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Sep 2020 18:25:19 GMT

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f96c53b9b03f4b4ab67841c2ffd39ec588c945206edb5d8f6e7725859e29f69d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 09:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 379283
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 31 Aug 2021 09:03:56 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 372079
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:00 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 372077
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:02 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 372079
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:00 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 11:04:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 372074
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6720
x-xss-protection: 0
expires: Tue, 31 Aug 2021 11:04:05 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f49578079ce90bfc63c1d271af36739f07745ff0b709361ad2c1e43e53a39b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 1 Show response
servicer.mgid.com/997454/ 4 KB
2 KB 61ms
60ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997454/1?w=840&h=513&p3_w=271&p3_h=217&cols=3&pv=5&cbuster=1599243919750481728400&uniqId=125d2&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpaste.co.id%2FCGkGxTToTR&pageView=1&pvid=1745a5da187a5e1bd5b&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997454.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cec490c83327b9bf22796f2f35fad4ee9a4ab75ac264465c3ca9d87a510de05

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a27f6b0eb3-FRA
content-type: application/x-javascript; charset=utf-8
cf-request-id: 04fbf6b98d00000eb31cba3200000001

GET
H2 200 1 Show response
servicer.mgid.com/997457/ 2 KB
1 KB 61ms
60ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997457/1?w=255&h=714&p3_w=252&p3_h=210&cols=1&pv=5&cbuster=1599243919787830382473&uniqId=03114&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpaste.co.id%2FCGkGxTToTR&pageView=0&pvid=1745a5da1ab9185020e&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997457.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cca5ea0b0ab6dfc5af4b05c1ed939b368a30265963111d2e327d3414592bfc56

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a2bfec0eb3-FRA
content-type: application/x-javascript; charset=utf-8
cf-request-id: 04fbf6b9af00000eb31cba8200000001

GET
H2 200 1 Show response
servicer.mgid.com/914924/ 3 KB
1 KB 61ms
60ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/914924/1?w=844&h=242&cols=2&pv=5&cbuster=1599243919809792931597&uniqId=03516&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpaste.co.id%2FCGkGxTToTR&pageView=0&pvid=1745a5da1c186e1a9ca&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 059f0145d15c8134718821dbd28d3ee99665d3c01e9ed74c938b28147ec53b36

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a2d8570eb3-FRA
content-type: application/x-javascript; charset=utf-8
cf-request-id: 04fbf6b9c400000eb31cbaf200000001

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 58ms
57ms Script
application/x-javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=233&p3_w=201&p3_h=189&cols=4&pv=5&cbuster=1599243919821844166048&uniqId=0e4cb&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpaste.co.id%2FCGkGxTToTR&pageView=0&pvid=1745a5da1cda9abb271&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 268df04b4a2afd38f5f5ff35f4136a5f9c564f11581b36541276b5356f861966

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a2e88c0eb3-FRA
content-type: application/x-javascript; charset=utf-8
cf-request-id: 04fbf6b9d100000eb31cbb4200000001

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
769 B 54ms
12ms XHR
application/json 139.45.195.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.41 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

9f8491a686cb13a6697b61d123639392d9702c3c98cf5e1fd6b211c9b4031fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Sep 2020 18:25:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
62 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1381408023&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FCGkGxTToTR&ul=en-us&de=UTF-8&dt=Untitled%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1392693300&gjid=782806880&cid=1108760184.1599243920&tid=UA-137362802-1&_gid=469310311.1599243920&_r=1&gtm=2ou8q1&z=1901097364

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
23 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1381408023&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FCGkGxTToTR&ul=en-us&de=UTF-8&dt=Untitled%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=1321049042&gjid=376768414&cid=1108760184.1599243920&tid=UA-174907544-1&_gid=469310311.1599243920&_r=1&gtm=2ou8q1&z=1047528444

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK 3509488
inpagepush.com/500/ Frame 0
0 54ms
13ms Other 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=&oaid=c6156819ed5b4bd0acd1124e34370a31&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fpaste.co.id%2FCGkGxTToTR&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 04 Sep 2020 18:25:19 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H/1.1 200
OK 3509488 Show response
inpagepush.com/500/ 2 KB
2 KB 182ms
182ms XHR
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

02ca433dd55527dba12a0615f2b5d789b7a99c6847d827cd2dd47c365fa12910

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 04 Sep 2020 18:25:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 70151bdea68526881aa61e8502baa557
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
967 B 78ms
77ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1599243919891146647973
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997454.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78674fa5d343d5e6400deecd78f58de346a22a82b6b95e602f3b2ed191b915cb

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 18172c6f-8218-4f4b-98bf-852ad7e301b2
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6ba1600000eb31cbbc200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a3598e0eb3-FRA

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 7618 19 B
469 B 71ms
71ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1599243919897121298846
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997454.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 92e1a6bb-9d9e-47a8-9f98-5d8dab9fd92a
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6ba1c00000eb31cbbd200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a369b80eb3-FRA

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzBmYjljY2MzODFkZGQxN2ZkNjNkYjY1MzVhMDlmN2ZlLmpwZWc*.webp
s-img.mgid.com/g/3944302/492x277/0x32x960x640/ 22 KB
22 KB 19ms
15ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944302/492x277/0x32x960x640/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzBmYjljY2MzODFkZGQxN2ZkNjNkYjY1MzVhMDlmN2ZlLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd09f215a9fad075a41bc52634b9713c8a17089e68f05704d8a14f235fe56488

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 5109545
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22308
cf-request-id: 04fbf6ba2900000eb31cbc1200000001
last-modified: Tue, 07 Jul 2020 14:11:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a379e80eb3-FRA

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
s-img.mgid.com/g/3805664/492x277/0x0x640x426/ 20 KB
20 KB 21ms
18ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805664/492x277/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65929752eb8a28b0c4ea1f3410a1dacbdf0f5371295cbb95774956a2bfc0d867

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
x-mg-request-uuid: 55f2d84f-8be8-4d4d-97fa-6a88b5a0ba47
age: 4356240
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20486
cf-request-id: 04fbf6ba2900000eb31cbc3200000001
last-modified: Wed, 15 Jul 2020 08:04:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a379ec0eb3-FRA

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE*.webp
s-img.mgid.com/g/3805477/492x277/0x25x1024x682/ 31 KB
31 KB 20ms
16ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805477/492x277/0x25x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE3MzIyNDdmN2U2MzM1YTA3OWUxYzVkNGZiYjE1OGYxLmpwZz90PTE0OTc5ODEzMDQ3OTE*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3189fc8f89dceca8e0beea9485d5c88f24c07ab8368ca8d5f69881face3f6af

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 5109825
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31674
cf-request-id: 04fbf6ba2900000eb31cbc4200000001
last-modified: Tue, 07 Jul 2020 15:01:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a379ee0eb3-FRA

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc*.webp
s-img.mgid.com/g/5097644/492x277/98x0x926x617/ 28 KB
28 KB 22ms
19ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097644/492x277/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33586aca39bc21fa9ecfc3d422c8896796493e9d3194a0b44acac66135ef30fb

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 5110631
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28440
cf-request-id: 04fbf6ba2900000eb31cbc2200000001
last-modified: Tue, 07 Jul 2020 14:45:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a379ea0eb3-FRA

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2Q2YTk3ODEwNjRkMTRlMWI3ZWQ0YTM4ZTM0NTliNGQwLmpwZWc*.webp
s-img.mgid.com/g/5097656/492x277/12x0x974x649/ 13 KB
13 KB 20ms
17ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097656/492x277/12x0x974x649/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2Q2YTk3ODEwNjRkMTRlMWI3ZWQ0YTM4ZTM0NTliNGQwLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb8a23205940d802b7d753d5ed0fd9882dd82497faf13ab88b97e1456c8cde61

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
x-mg-request-uuid: 3392a77c-fc2d-4cb8-a1ec-aa1f946219e4
age: 4335508
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12956
cf-request-id: 04fbf6ba2900000eb31cbc5200000001
last-modified: Tue, 14 Jul 2020 07:29:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a379ef0eb3-FRA

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc*.webp
s-img.mgid.com/g/3859212/492x277/0x0x1001x667/ 30 KB
31 KB 28ms
26ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3859212/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d9872802fb3827c82e49a61b9059876ff1ae2d55dbde99dfbfd738798e35a56

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 5110693
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31216
cf-request-id: 04fbf6ba2900000eb31cbc0200000001
last-modified: Tue, 07 Jul 2020 14:12:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a379e60eb3-FRA

GET
H2 200 widget-ssp-performance
c.mgid.com/ 43 B
157 B 141ms
138ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=63
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a379f10eb3-FRA
content-type: image/gif
cf-request-id: 04fbf6ba2900000eb31cbc6200000001

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzFhOWQzMDlmMGFiMDMxMzNkZjA0ZjIwNjBhMjkzOWMxLmpwZWc*.webp
s-img.mgid.com/g/3887977/492x277/0x0x857x571/ 34 KB
34 KB 16ms
13ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3887977/492x277/0x0x857x571/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzFhOWQzMDlmMGFiMDMxMzNkZjA0ZjIwNjBhMjkzOWMxLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0d25d2b35292e46461a69b23109412ee47d611bc2d4bddb7a4b818e421776a4

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
x-mg-request-uuid: 4e7fe75e-819b-4436-a553-70c952232f96
age: 4352046
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35044
cf-request-id: 04fbf6ba3b00000eb31cbc7200000001
last-modified: Thu, 16 Jul 2020 09:31:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a39a280eb3-FRA

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzRjNmE3MjE5NzJlMjRhNWRlNzZlYzM3ODRlODkyMmIxLmpwZWc*.webp
s-img.mgid.com/g/4023145/492x277/0x0x1281x854/ 18 KB
18 KB 19ms
17ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4023145/492x277/0x0x1281x854/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzRjNmE3MjE5NzJlMjRhNWRlNzZlYzM3ODRlODkyMmIxLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13ef0bf18e275f7f6202e6fd998ddc7931445bdbaf2a51a0c18a9e3c3cffd8a7

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 5109151
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18162
cf-request-id: 04fbf6ba3c00000eb31cbc8200000001
last-modified: Tue, 07 Jul 2020 15:12:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a39a290eb3-FRA

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc*.webp
s-img.mgid.com/g/5097645/492x277/0x0x980x653/ 21 KB
21 KB 20ms
18ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097645/492x277/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b92d97989adcd2bca6ee79f570e47c1ac045b1d4fe324470a780d14785e3862

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 5109345
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21094
cf-request-id: 04fbf6ba3c00000eb31cbc9200000001
last-modified: Tue, 07 Jul 2020 15:09:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a39a2a0eb3-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-137362802-1&cid=1108760184.1599243920&jid=1392693300&gjid=782806880&_gid=469310311.1599243920&_u=IEBAAUAAAAAAAC~&z=835885209

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 04 Sep 2020 18:25:19 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzZmNDBhMzZlNGJjMzgzNGY4ZTI3N2QyYTU3NGJlYzdkLmpwZWc*.webp
s-img.mgid.com/g/3948448/370x200/0x28x600x400/ 7 KB
7 KB 20ms
19ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3948448/370x200/0x28x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzZmNDBhMzZlNGJjMzgzNGY4ZTI3N2QyYTU3NGJlYzdkLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbf8d7df1ce4926456802966ff69d91d598fa67989d2015f69e6eba4dd0b2992

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 11532229
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7502
cf-request-id: 04fbf6ba4500000eb31cbd3200000001
last-modified: Wed, 22 Apr 2020 10:48:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a3aa680eb3-FRA
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw**.webp
s-img.mgid.com/g/5097658/370x200/0x105x650x433/ 8 KB
8 KB 15ms
14ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097658/370x200/0x105x650x433/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw**.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37bc205e95cbc93ad5b75fb2de5e0c9ac025155ce1618de86ace9692265565d7

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 17815753
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7692
cf-request-id: 04fbf6ba4500000eb31cbd4200000001
last-modified: Tue, 11 Feb 2020 13:36:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a3aa6b0eb3-FRA
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4OGE2ZmQwOWE1MWNjNzViM2I5MzAzMDZiNTQ5ODRkLmpwZWc*.webp
s-img.mgid.com/g/3944300/370x200/0x0x900x600/ 8 KB
8 KB 14ms
13ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944300/370x200/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzQ4OGE2ZmQwOWE1MWNjNzViM2I5MzAzMDZiNTQ5ODRkLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bc99f657ddd0c8646e53561f87e16ed1ef01f4791a022168ea12f7238a3a9e2

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 26737267
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7768
cf-request-id: 04fbf6ba4500000eb31cbd5200000001
last-modified: Thu, 31 Oct 2019 07:24:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a3aa6d0eb3-FRA
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc*.webp
s-img.mgid.com/g/5523139/370x200/135x0x1062x708/ 11 KB
11 KB 18ms
18ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5523139/370x200/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dab6296896d324a3cda9b0dab28f28bad911c784edca7931c6c32316e2ebdebd

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 12969078
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10904
cf-request-id: 04fbf6ba4a00000eb31cbd6200000001
last-modified: Tue, 07 Apr 2020 15:54:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a3aa7c0eb3-FRA
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzZjOGFhZTg3NzczZjM0MTc4ZDU0N2RiZDI3OTQwYzNhLmpwZWc*.webp
s-img.mgid.com/g/3835476/492x328/248x0x1353x902/ 9 KB
9 KB 13ms
12ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3835476/492x328/248x0x1353x902/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzZjOGFhZTg3NzczZjM0MTc4ZDU0N2RiZDI3OTQwYzNhLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2104fee084a6ebc2e2e873b48acb96f4693825bd72f382b621537d7c534926dd

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 11051577
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9462
cf-request-id: 04fbf6ba4f00000eb31cbd7200000001
last-modified: Mon, 08 Jul 2019 12:49:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a3ba950eb3-FRA
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc*.webp
s-img.mgid.com/g/3859212/492x328/0x0x1001x667/ 33 KB
33 KB 15ms
15ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3859212/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c1fe535f45c0f4851a9df546d55e3d7f2186147a61983ed0fd3f7899479b95

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 26812763
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33544
cf-request-id: 04fbf6ba4f00000eb31cbd8200000001
last-modified: Wed, 30 Oct 2019 06:25:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a3ba980eb3-FRA
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc*.webp
s-img.mgid.com/g/6288128/492x328/0x155x900x600/ 7 KB
7 KB 15ms
15ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/492x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c715bab749f2438367b405207f80871f7df7d1d429fed4f6d103344759c8ed

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
x-mg-request-uuid: 1361b395-bf9a-488e-bb7c-504b500a6fa7
age: 2290176
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7490
cf-request-id: 04fbf6ba5300000eb31cbd9200000001
last-modified: Thu, 09 Jul 2020 16:55:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a3baaa0eb3-FRA

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzNiZTYwMGM4MzU5ZDliMDJiMWViZmM0Nzk4YjRkMzhkLmpwZWc*.webp
s-img.mgid.com/g/4723166/492x328/0x0x1439x959/ 46 KB
46 KB 13ms
13ms Image
image/webp 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4723166/492x328/0x0x1439x959/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzNiZTYwMGM4MzU5ZDliMDJiMWViZmM0Nzk4YjRkMzhkLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc26ffbbdab37451a24e6feccf6bcb434aef96ea721f502555eb02fe00f7255

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:19 GMT
cf-cache-status: HIT
age: 22786929
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46770
cf-request-id: 04fbf6ba5300000eb31cbda200000001
last-modified: Mon, 16 Dec 2019 00:39:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a3baab0eb3-FRA
cf-bgj: h2pri

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 18ms
17ms Image
image/gif 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-137362802-1&cid=1108760184.1599243920&jid=1392693300&_u=IEBAAUAAAAAAAC~&z=372206866

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 19ms
18ms Image
image/gif 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-137362802-1&cid=1108760184.1599243920&jid=1392693300&_u=IEBAAUAAAAAAAC~&z=372206866

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Bqfexc Show response
ad.doubleclick.net/ddm/adj/Aafc/ 11 B
653 B 42ms
16ms Script
text/javascript 172.217.22.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Aafc/Bqfexc

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 2896
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

62ms
19ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1599243919891146647973
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/CGkGxTToTR
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/CGkGxTToTR

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 19 Aug 2020 18:23:01 GMT
Content-Encoding: gzip
Content-Length: 9455
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=75831
Expires: Sat, 05 Sep 2020 15:29:11 GMT
Date: Fri, 04 Sep 2020 18:25:20 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Fri, 04 Sep 2020 18:25:20 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

/
b.admedia.com/sync/uid/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k84jmJLAltpb
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k84jmJLAltpb
https://pixel.s3xified.com/dspsync/?pid=bidswitch&buid=d47b013a-5c06-447d-b4ec-4b1259b42eb6
https://b.admedia.com/sync/uid/?uid=ce1083b7b1e0c3bbc7688ced79e1bc08

0
317 B

599ms
147ms

Image
text/html

204.44.79.1
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.admedia.com/sync/uid/?uid=ce1083b7b1e0c3bbc7688ced79e1bc08
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.44.79.1 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 204.44.79.1.static.quadranet.com
Software: nginx / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Sep 2020 18:25:20 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.3.3
Transfer-Encoding: chunked
Content-Type: text/html

Redirect headers

Location: //b.admedia.com/sync/uid/?uid=ce1083b7b1e0c3bbc7688ced79e1bc08
Date: Fri, 04 Sep 2020 18:25:20 GMT
Server: openresty
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=cAqTbERC4ijrpd2JDtfb&pi=mgid&tc=1

43 B
395 B

131ms
130ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=cAqTbERC4ijrpd2JDtfb&pi=mgid&tc=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 65881dbd-b58a-4550-95c2-313a4e503ec8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a48cfa0eb3-FRA
content-type: image/gif
cf-request-id: 04fbf6bad700000eb31cbe1200000001
server: cloudflare

Redirect headers

status: 302
pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT, Fri, 04 Sep 2020 18:25:20 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=cAqTbERC4ijrpd2JDtfb&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=d47b013a-5c06-447d-b4ec-4b1259b42eb6
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=d47b013a-5c06-447d-b4ec-4b1259b42eb6
https://cm.mgid.com/m?cdsp=433145&c=d47b013a-5c06-447d-b4ec-4b1259b42eb6&gdpr=&gdpr_consent=&us_privacy=

43 B
292 B

101ms
100ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=d47b013a-5c06-447d-b4ec-4b1259b42eb6&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 417b45bb-1a58-4438-bb29-c1ec176997f6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a50e0f0eb3-FRA
content-type: image/gif
cf-request-id: 04fbf6bb2800000eb31cbeb200000001
server: cloudflare

Redirect headers

status: 302
date: Fri, 04 Sep 2020 18:25:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=d47b013a-5c06-447d-b4ec-4b1259b42eb6&gdpr=&gdpr_consent=&us_privacy=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
555 B 81ms
60ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k84jmJLAltpb
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a42de83258-FRA
content-type: image/gif
cf-request-id: 04fbf6ba950000325820014200000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=bb7ca047-6bc8-44f3-adcb-5aab8f1d4b0a&ttl=1601835920

43 B
292 B

73ms
72ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=bb7ca047-6bc8-44f3-adcb-5aab8f1d4b0a&ttl=1601835920
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: e4e98607-4a0d-436c-ad17-584f07ad9c6d
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a4fdd10eb3-FRA
content-type: image/gif
cf-request-id: 04fbf6bb1700000eb31cbe6200000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=bb7ca047-6bc8-44f3-adcb-5aab8f1d4b0a&ttl=1601835920
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=2bd0f0e1-5597-4f4a-b275-ad36029fe8a4

43 B
606 B

60ms
60ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=2bd0f0e1-5597-4f4a-b275-ad36029fe8a4
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 57c090c3-9003-44b9-8264-3fbd0b84634c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a8ae680eb3-FRA
content-type: image/gif
cf-request-id: 04fbf6bd6700000eb31c81c200000001
server: cloudflare

Redirect headers

date: Fri, 04 Sep 2020 18:25:20 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=2bd0f0e1-5597-4f4a-b275-ad36029fe8a4
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azg0am1KTEFsdHBi&muidn=k84jmJLAltpb
https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azg0am1KTEFsdHBi&muidn=k84jmJLAltpb&google_tc=
https://cm.mgid.com/google?muidn=k84jmJLAltpb&google_ula={guid},5&google_gid=CAESEB8cPRJ7uoa7KSwskABQHmk&google_cver=1

0
108 B

89ms
88ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k84jmJLAltpb&google_ula={guid},5&google_gid=CAESEB8cPRJ7uoa7KSwskABQHmk&google_cver=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a4edaa0eb3-FRA
content-type: text/plain
cf-request-id: 04fbf6bb0f00000eb31cbe4200000001

Redirect headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k84jmJLAltpb&google_ula={guid},5&google_gid=CAESEB8cPRJ7uoa7KSwskABQHmk&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
328 B 155ms
47ms Image
image/gif 23.105.245.4
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k84jmJLAltpb
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.4 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 12ms
12ms Other
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 04 Sep 2020 18:25:20 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 24ms
24ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 44216981f57897bc9a6e82e8c89de099
Date: Fri, 04 Sep 2020 18:25:20 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
769 B 62ms
13ms Fetch
application/json 139.45.195.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=62ff747f98c64af29c77070e46def222&zoneId=3534037&checkDuplicate=true&ymid=&var=

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.41 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

a2ba5765e7abca8c074d9cc48128980054aeb13fe5530774c5413071e52e5847

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Sep 2020 18:25:20 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame F19B 0
0 26ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/CGkGxTToTR
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/CGkGxTToTR

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Fri, 28 Aug 2020 20:53:06 GMT
expires: Sat, 28 Aug 2021 20:53:06 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 595934
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK defaultSkin.min.js Show response
seeptoag.net/pfe/current/ 56 KB
19 KB 16ms
15ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Sep 2020 18:25:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Sep 2020 08:37:13 GMT
Server: nginx
ETag: W/"5f50ab39-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame 002B 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 13ms
12ms Other
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 04 Sep 2020 18:25:20 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 13ms
13ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 43c083dfcb4e695dc20da92ae3d2d762
Date: Fri, 04 Sep 2020 18:25:20 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc%2A.webp
s-img.mgid.com/g/3839414/328x328/84x0x758x505/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|YydILjwNO5aK5VDcka1ka3OJJnpqirYfja0u2ApLLkiS2X8pWomaWjHdVP1rS6vC&cid=756446&f=1&h2=QQqqtV8iIRJbOIlEsWXet3iIRCw5aJaSpM4M_SpA4o4*&rid=z3509488zb5920476bcDEcp2ph20200...
https://s-img.mgid.com/g/3839414/328x328/84x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc%2A.webp

13 KB
13 KB

14ms
13ms

Image
image/webp

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3839414/328x328/84x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc%2A.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eb059f82621ff9c90befd73e75fc63a91a8c3e266ead8f83eceea229418f47d

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:20 GMT
cf-cache-status: HIT
age: 10438637
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13634
cf-request-id: 04fbf6bb9b00000eb31c806200000001
last-modified: Wed, 06 May 2020 16:26:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5cd9c0a5cffb0eb3-FRA

Redirect headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:20 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 090aa7f2-726b-47b6-b709-02fedf6fc7b3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/3839414/328x328/84x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0a4fdce0eb3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 04fbf6bb1700000eb31cbe5200000001
server: cloudflare

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 12ms
12ms Other
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 04 Sep 2020 18:25:20 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 127 KB
45 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0f7761790e964223c8299bd3615a2562180ecb15d44bf76c15a71c169af40a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 44921
x-xss-protection: 0
server: cafe
etag: 15793246537056150374
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Sep 2020 18:25:21 GMT

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 14ms
14ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/CGkGxTToTR

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 0645adc74af9c2b353b7e9adee335911
Date: Fri, 04 Sep 2020 18:25:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H2 200 v2iux8jklq7hp3VAXgqD3a1b4nyjZgRkd5QJrgE0kQZvXHYHt8UTmH63r5OHnzacZRIZfcI8 Show response
lovelydrum.com/ 216 B
607 B 56ms
19ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/v2iux8jklq7hp3VAXgqD3a1b4nyjZgRkd5QJrgE0kQZvXHYHt8UTmH63r5OHnzacZRIZfcI8

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

c9b13eef8bf431a60a45429656e3017c42f747530377ddd404c46b7bb7b32515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Fri, 04 Sep 2020 18:25:21 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: neal
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Fri, 04 Sep 2020 18:25:20 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 35ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Sep 2020 18:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Sep 2020 18:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/ 228 KB
86 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab1bc0fc9d97fbc0dbeb5170601f9e3ec9d35545f900f174bfe9390ac009f6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87707
x-xss-protection: 0
server: cafe
etag: 3465727129889255062
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Sep 2020 18:25:21 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200831/r20190131/ Frame 48B4 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200831/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/CGkGxTToTR
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmkdR0nQzowEMpCyt36kXWVr9TZpZKFJAmNPmVseIH4Ojv9ZdHdfD1yW9Sm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/CGkGxTToTR

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 31 Aug 2020 20:11:25 GMT
expires: Mon, 14 Sep 2020 20:11:25 GMT
content-type: text/html; charset=UTF-8
etag: 9704104221650600920
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4744
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 339236
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 c
c.mgid.com/ 43 B
289 B 131ms
131ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=252|142|24|Pvw_0VVHf4SY8NZR1ioX5IZN1UtS_fzuPLvenjuT3OeWhs6IaJ3zbhjYrRvtAthK&fw=1&extjs=66046&imgdim=1&cid=997457&h2=QQqqtV8iIRJbOIlEsWXet3iIRCw5aJaSpM4M_SpA4o4*&rid=fd0162ae-eedb-11ea-a4aa-d09466576dad&tt=Direct&pageImp=1&muid=k84j4HhDdupb&cbuster=1599243921082481829011&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:21 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 75a0ce4b-5242-432b-982f-f037183795a1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0aacbda0eb3-FRA
content-type: image/gif
cf-request-id: 04fbf6bebe00000eb31c834200000001
server: cloudflare

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame FE47 0
0 28ms
27ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1599243921&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&tp=site_kit&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FCGkGxTToTR&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1599243921043&bpp=10&bdt=2111&idt=46&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5560910529387&frm=20&pv=2&ga_vid=1108760184.1599243920&ga_sid=1599243921&ga_hid=1381408023&ga_fc=0&iag=0&icsg=4222127335076850&dssz=43&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723322%2C21066647%2C21066944%2C21067105&oid=3&pvsid=3714611282137937&pem=594&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=57

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1599243921&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&tp=site_kit&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FCGkGxTToTR&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1599243921043&bpp=10&bdt=2111&idt=46&shv=r20200831&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5560910529387&frm=20&pv=2&ga_vid=1108760184.1599243920&ga_sid=1599243921&ga_hid=1381408023&ga_fc=0&iag=0&icsg=4222127335076850&dssz=43&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723322%2C21066647%2C21066944%2C21067105&oid=3&pvsid=3714611282137937&pem=594&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=57
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/CGkGxTToTR
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmkdR0nQzowEMpCyt36kXWVr9TZpZKFJAmNPmVseIH4Ojv9ZdHdfD1yW9Sm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/CGkGxTToTR

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Sep 2020 18:25:21 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
32ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200831&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37b5fbe37b61da6f006c1edf54ed50ad1bd082a2f3862fe016111f6077da8485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Sep 2020 18:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6490
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

330798625ce3468cc078ba28574ec8651fd742c9f70673c29333f9a9683a2a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599152861011880"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27492
x-xss-protection: 0
expires: Fri, 04 Sep 2020 18:25:21 GMT

GET
H2 200 c
c.mgid.com/ 43 B
155 B 137ms
137ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=202|134|40|_sxm3dWW0Cx3SyMde27RIOOP0X3D-tCRoiIKZWfwg7KidjcWEhIogCP4pVR8oOtR&fw=1&extjs=66046&v=202|134|8|_sxm3dWW0Cx3SyMde27RIBIBhbiA5CLe0rwPDynVRqL2LYYSkeILsTMuoIn1D0YW&v=202|134|8|_sxm3dWW0Cx3SyMde27RIIKeQJ0lztBu1KudgDjIU2a2GKJt8z3Ube0S2pVFkIlC&v=202|134|8|_sxm3dWW0Cx3SyMde27RICWRMIyTNNAUKGA9XE6aD5s8V7ssTLA7CHX4wsDsU3_C&imgdim=1&cid=997452&h2=QQqqtV8iIRJbOIlEsWXet3iIRCw5aJaSpM4M_SpA4o4*&rid=fd068be4-eedb-11ea-b123-d094662f8ab5&tt=Direct&pageImp=0&muid=k84j4HhDdupb&cbuster=1599243921115974266316&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:21 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 8c59ce50-c49b-4359-9f33-b9b4991d971e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0ab0c660eb3-FRA
content-type: image/gif
cf-request-id: 04fbf6bee200000eb31c839200000001
server: cloudflare

GET
H2 200 c
c.mgid.com/ 43 B
155 B 166ms
166ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=153|83|8|xa1b2nv5CJg9bwOfp4vRXuG4nYNu5rGzRXD-mEBqVwUwY7HE5xazfAHeBVCE7_zT&fw=1&extjs=66046&v=153|83|8|xa1b2nv5CJg9bwOfp4vRXl0u_riJ9EgGbLAC-KMFYCH8B5M_q7h9LYgyUHKFSE0B&v=153|83|8|xa1b2nv5CJg9bwOfp4vRXhrsahgtqkNusNFLkwg_v5YHIlFHYm76JWt6YGAAgY_K&v=153|83|8|xa1b2nv5CJg9bwOfp4vRXn8vHJ7iiG0B-alCPuORMvx8nw-0YFfvoECvS2K5fpsq&imgdim=1&cid=914924&h2=QQqqtV8iIRJbOIlEsWXet3iIRCw5aJaSpM4M_SpA4o4*&rid=fd051158-eedb-11ea-b123-d094662f8ab5&tt=Direct&pageImp=0&muid=k84j4HhDdupb&cbuster=1599243921117447943996&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:21 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: dfdf37c8-2ce9-4879-9611-d9d4ba2c3fd5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5cd9c0ab0c670eb3-FRA
content-type: image/gif
cf-request-id: 04fbf6bee200000eb31c83a200000001
server: cloudflare

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200831/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Sep 2020 18:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 04 Sep 2020 18:25:21 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame F131 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/CGkGxTToTR
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/CGkGxTToTR

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 04 Sep 2020 17:24:13 GMT
expires: Sat, 04 Sep 2021 17:24:13 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3668
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
32 B 41ms
40ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200831&jk=3714611282137937&bg=!6eql6vJYAPsJE-NZxCICAAAAPlIAAAAKCgHvWsVU6MjLEI0ipBbP1aWYvPLj1ebstzItuskdi88XuE5ox-JpNL4POSTF-FK_RTrFvxohSNTZ5oZhKgHdzdTJpSHG6VY6m5-f6cINIru-r84lWzsfNJa-aLvDr9At6KpqE3jnbwBM9DB8eZDj2y66JX-B8pWFhTY_MGYRq8sWXR3qYx2n3z0ih2hvwAR7t2xfhntL9fd-BqMFl53vQd52vN-E2Jhc0eGwRCknHYlGqn56D_KC7kazPLad6dARKRovBCVTDpyBNK59xJgR-j1kmxWtIAcE5gH1CUZ5cHQiCmQM4YjtAcXV4S-kRZbZ4OHQ_t3dwszgD2W1Exj9shgA0I55KzlHY2mjWPDJewQqPRwJU7UQYHXARbmSeKNzi1PKXPuonU1UndYSkbQjeDF8CgNgxj8ytWa4Kvt0CdofB2k10fBg2GWhTN-gwQajtT8bhOGvClxFL8R2EPm8osqweuPmGsebW-LIW8pKft6vtdpltxp8kmm_8lMG7JUXBs7rBqs5_j3uhNEsBebfXgpj8WLQN7pp1jnr0b2A3wJG2WtO8_qF-S4CEf4tBj2CjdnkchT4RzV0_JDDkY6CYsW5A9nJhbsCqGFW8ZH8xlJgyROruYf-qUHzqN8PJPzAE09LHdMKbPUZ5XndeHmcBoaGmQGk5bZrp2zm25dLzCkqYOJ-34VOnp2dIcUpnKTPMbjgG_X0hggUXy4fPvWhhL_cTKxQxk_m8D9UhAzGaEu03s6iCAyIdzPqwXZ_IgPb0Myzp0kXUY5C0JrLpcZCP9XLhdipwn3uXl7SJaKFcu1XFgOWuuqKyL0Hm7aZn1-_E_M_K5_F78poAzfvmQd2S_PLT9Pb0KItSNyQrLjTZtIuE4RU3cXHY3CvbP0JrVBbEROb5dmIRewwTLdpNuyYgqxxBFwmQKD99rN2eISYFG5UHQ3RTz7s0cu0KPGzlMIFpDFjRKYAVEd7VzmHENkajRizidVNU55M1vNuOm5VqzKn1S5q9fh6BDJsAiqhe5ukJYmhiOfuYs9vmvIuZhq3XkXr6bYghZS6pDbWYdyhE8Whok7I29_8HCV9uf0ha2khkWLt8BqkE_UAiZjYBsBLtGKs_I04VuWgbzUB-JoLfJL0vvF55AbB8Bma2Kim9VBdoTDmGpF6TsVO808rgwA8EPSQ1lWbkq0ZnJaFPBPDpnDJJEOUtgGEL9OF-vmM4kNiYxsm8cbSxJhG

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/CGkGxTToTR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Sep 2020 18:25:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: paste.co.id
URL: https://paste.co.id/get-paste

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paste.co.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22gqcjz_ZOI%22%7D%2C%22C997454%22%3A%7B%22page%22%3A1%2C%22time%22%3A1599243919890%7D%2C%22C997457%22%3A%7B%22page%22%3A1%2C%22time%22%3A1599243919912%7D%2C%22C914924%22%3A%7B%22page%22%3A1%2C%22time%22%3A1599243919926%7D%2C%22C997452%22%3A%7B%22page%22%3A1%2C%22time%22%3A1599243919939%7D%7D
.paste.co.id/	1970-01-19 12:14:03	Name: _gat_gtag_UA_137362802_1 Value: 1
.paste.co.id/	1970-01-19 12:14:03	Name: _gat_gtag_UA_174907544_1 Value: 1
.paste.co.id/	1970-01-20 05:45:15	Name: _ga Value: GA1.3.1108760184.1599243920
.paste.co.id/	1970-01-19 12:57:15	Name: __cfduid Value: da8fcef12b3ba0dd45c214a5da3b63b761599243893
paste.co.id/	1970-01-19 12:14:11	Name: pasteshr_session Value: eyJpdiI6IkxPWE1JNnNLd1wvN1lyVjFZMzRQSEh3PT0iLCJ2YWx1ZSI6IklOc1NJZzVwREhZWTRvYVFOMXI2ellRZ1JZVFFnUTVwNDFDUXdJQkJoMHQzYzV6ZXNpZEJ3ZlJuTVBacjlrS3IiLCJtYWMiOiJjM2VmOWMyNDI4OTFlNWI4ODUzNGMyODAyYzE5ZWNmZWUyYmVmMjE3MDM0YzJmNWUyNTZlN2VkODg5YWRjODdjIn0%3D
.paste.co.id/	1970-01-19 12:15:30	Name: _gid Value: GA1.3.469310311.1599243920
paste.co.id/	1970-01-19 12:14:11	Name: XSRF-TOKEN Value: eyJpdiI6ImFPVDVXdmxtSWhKWWpFZk56NHh0MFE9PSIsInZhbHVlIjoiREEycW5xVmVtMlE1akxoa013eGtGTkdUNGRSaGtvcDFDVnh5NUpUM2JcL2JqaVR0UVgyT1pCQzM5emRqMThKckEiLCJtYWMiOiI0NmUyODQzMzlhMDljMWRmMTU5OGU2OTg3YmViY2MwYjA3ZjQ1Y2JkM2QzNTQ4NWY2ZWJkZWE0MjAyNTEyMWQ0In0%3D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997454.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997457.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
ams.creativecdn.com
b.admedia.com
berkas.co
bidswitch-eu.splicky.com
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
inpagepush.com
jsc.mgid.com
lovelydrum.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
my.rtmark.net
pagead2.googlesyndication.com
paste.co.id
pixel.s3xified.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.qrcoder.co.uk
x.bidswitch.net
paste.co.id
104.111.230.142
104.16.199.73
104.19.135.78
109.203.125.88
139.45.195.41
139.45.196.10
139.45.196.145
172.217.22.38
172.217.22.98
173.249.18.21
178.63.52.94
185.184.8.30
2001:4de0:ac19::1:b:1a
204.44.79.1
23.105.245.4
2606:4700:3037::ac43:ae34
2606:4700::6811:4e6b
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:801::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:816::2004
2a00:1450:4001:81c::200a
2a00:1450:4001:81e::2003
2a00:1450:4001:821::2003
2a00:1450:400c:c0c::9c
34.255.148.227
35.190.91.111
35.212.212.222
52.29.176.117
67.231.251.190
02ca433dd55527dba12a0615f2b5d789b7a99c6847d827cd2dd47c365fa12910
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
051a0d7cd2f20d6c69537e9f318d4e73081c840bcdbf9d7b46b9b73b02437d16
059f0145d15c8134718821dbd28d3ee99665d3c01e9ed74c938b28147ec53b36
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0a0f7761790e964223c8299bd3615a2562180ecb15d44bf76c15a71c169af40a
0af546c3ab1fa9743a046cc27b5c9487afffe61b31f3eb9a8e1e0b3a96d4aed7
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
12c584766b6e3d95137e843e8f07b6c4c75a130d016308c906197ef754e886d1
13ef0bf18e275f7f6202e6fd998ddc7931445bdbaf2a51a0c18a9e3c3cffd8a7
13f49578079ce90bfc63c1d271af36739f07745ff0b709361ad2c1e43e53a39b
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1809608c8bed1d74037ab70a713e9d9abbbd86554db1ebdad4f91a5b936590ab
1a32b2ac26cb8ece117c2980fe6f681125cc37c2a3ca792b706075654111e7d3
1bc26ffbbdab37451a24e6feccf6bcb434aef96ea721f502555eb02fe00f7255
1cec490c83327b9bf22796f2f35fad4ee9a4ab75ac264465c3ca9d87a510de05
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
2104fee084a6ebc2e2e873b48acb96f4693825bd72f382b621537d7c534926dd
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
268df04b4a2afd38f5f5ff35f4136a5f9c564f11581b36541276b5356f861966
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b92d97989adcd2bca6ee79f570e47c1ac045b1d4fe324470a780d14785e3862
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
330798625ce3468cc078ba28574ec8651fd742c9f70673c29333f9a9683a2a21
33586aca39bc21fa9ecfc3d422c8896796493e9d3194a0b44acac66135ef30fb
37b5fbe37b61da6f006c1edf54ed50ad1bd082a2f3862fe016111f6077da8485
37bc205e95cbc93ad5b75fb2de5e0c9ac025155ce1618de86ace9692265565d7
3ab1bc0fc9d97fbc0dbeb5170601f9e3ec9d35545f900f174bfe9390ac009f6b
400cf46f4296c8d1aae202531b893401d905ddd7f9aaaf7aaf52261f0621b24b
4eb059f82621ff9c90befd73e75fc63a91a8c3e266ead8f83eceea229418f47d
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
56e69505309ad13371b84dc4c0b215e3ec23919f59c5e61b6ed1add33d28a74b
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09
5faa5a18920800f81775999b3f595c4866880d52d75c05af4561f722ba8daa9c
65929752eb8a28b0c4ea1f3410a1dacbdf0f5371295cbb95774956a2bfc0d867
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
748851c4d2e38c4f7587afb6b6e54dfc26e7329018d27911115f1840e251d4a8
78674fa5d343d5e6400deecd78f58de346a22a82b6b95e602f3b2ed191b915cb
78c49b5b6c2475dac10ef696450901f564c076a0ad7ec63aff88f2e21fe51a87
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fb176a5a03a77422ae9f0180501ff1def1dbb2d80888d72f86642d9b575437f
81c1fe535f45c0f4851a9df546d55e3d7f2186147a61983ed0fd3f7899479b95
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
88e4186e955f762fd2c67e13cbd4a749754ae3f473808812f82f57bdb3b7f398
89c715bab749f2438367b405207f80871f7df7d1d429fed4f6d103344759c8ed
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8c84459f0c92349eac14ab94fa19f3dace511b376e32e84cf3b41e96a67730ff
8d9872802fb3827c82e49a61b9059876ff1ae2d55dbde99dfbfd738798e35a56
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
952a3a45beb94ba95a3db898dfad7225dfe536854f27e0791d279e334c4c8aa4
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9bc99f657ddd0c8646e53561f87e16ed1ef01f4791a022168ea12f7238a3a9e2
9f8491a686cb13a6697b61d123639392d9702c3c98cf5e1fd6b211c9b4031fe3
a0d25d2b35292e46461a69b23109412ee47d611bc2d4bddb7a4b818e421776a4
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
a2ba5765e7abca8c074d9cc48128980054aeb13fe5530774c5413071e52e5847
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
b02a949098843b133472f71077168d06e3d8ac3d45c73ef498325e33e153e4d8
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
bb7b288b4b105bd832d74df2e5e80e99640b7f4d8ab88e979b0e2e9f69f72f5d
c18b5a5d82547778d1e4a2e0030b223e45891cb9fe4724c59b042b538e731aab
c3189fc8f89dceca8e0beea9485d5c88f24c07ab8368ca8d5f69881face3f6af
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c3f41ee54a73e18b7c7823ee79e1cd09473d2235c80b1c6b540643b1565ccd7b
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c9b13eef8bf431a60a45429656e3017c42f747530377ddd404c46b7bb7b32515
cca5ea0b0ab6dfc5af4b05c1ed939b368a30265963111d2e327d3414592bfc56
cd09f215a9fad075a41bc52634b9713c8a17089e68f05704d8a14f235fe56488
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
dab6296896d324a3cda9b0dab28f28bad911c784edca7931c6c32316e2ebdebd
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
dbf8d7df1ce4926456802966ff69d91d598fa67989d2015f69e6eba4dd0b2992
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb8a23205940d802b7d753d5ed0fd9882dd82497faf13ab88b97e1456c8cde61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f56c925bf8086fb43d9399c2ab521c74af90e726a1d5e6eb03d9c431cbc2f8aa
f96c53b9b03f4b4ab67841c2ffd39ec588c945206edb5d8f6e7725859e29f69d
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

paste.co.id Open in urlscan Pro 2606:4700:3037::ac43:ae34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

115 Requests

99 %HTTPS

41 %IPv6

29 Domains

42 Subdomains

26 IPs

9 Countries

1744 kBTransfer

4331 kBSize

8 Cookies

23 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
2606:4700:3037::ac43:ae34 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

99 %
HTTPS

41 %
IPv6

29
Domains

42
Subdomains

26
IPs

9
Countries

1744 kB
Transfer

4331 kB
Size

8
Cookies

115 HTTP transactions
5 data transactions