paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste.co.id/Do3ZF1fi8t
Submission: On December 20 via manual (December 20th 2020, 8:53:54 am UTC) from ID

Summary HTTP 138 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 32 IPs in 10 countries across 35 domains to perform 138 HTTP transactions. The main IP is 5.189.137.168, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is paste.co.id.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 20th 2020. Valid for: 3 months.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	5.189.137.168 5.189.137.168	51167 (CONTABO) (CONTABO)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	139.45.195.26 139.45.195.26	9002 (RETN-AS) (RETN-AS)
10	139.45.196.145 139.45.196.145	9002 (RETN-AS) (RETN-AS)
33	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.203.125.88 109.203.125.88	31727 (NODE4-AS) (NODE4-AS)
1	173.249.18.21 173.249.18.21	51167 (CONTABO) (CONTABO)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
23	103.16.198.218 103.16.198.218	131775 (IDNIC-JAL...) (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta)
1	2606:4700:20:... 2606:4700:20::681a:c76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3)
1	139.45.196.58 139.45.196.58	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
5	139.45.195.167 139.45.195.167	9002 (RETN-AS) (RETN-AS)
1	139.45.195.150 139.45.195.150	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1 1	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	52.57.142.16 52.57.142.16	16509 (AMAZON-02) (AMAZON-02)
1 1	94.130.165.158 94.130.165.158	24940 (HETZNER-AS) (HETZNER-AS)
1 1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
2 2	35.212.212.222 35.212.212.222	15169 (GOOGLE) (GOOGLE)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.210.128.165 52.210.128.165	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	139.45.197.8 139.45.197.8	9002 (RETN-AS) (RETN-AS)
2	2606:4700:10:... 2606:4700:10::6816:1974	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:97b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2	139.45.197.9 139.45.197.9	9002 (RETN-AS) (RETN-AS)
2	139.45.197.174 139.45.197.174	9002 (RETN-AS) (RETN-AS)
138	32

16 5.189.137.168 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi465240.contaboserver.net

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.195.26 (Ascension Island)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.145 (Ascension Island)

ASN9002 (RETN-AS, GB)

seeptoag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.125.88 (Salford, United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: euk-88894.eukservers.com

www.qrcoder.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.249.18.21 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: berkas.co

berkas.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 103.16.198.218 (Indonesia)

ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID)
PTR: ip-103.16.198.218.rhzahra.com

arnalyze.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.58 (Ascension Island)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.195.167 (Ascension Island)

ASN9002 (RETN-AS, GB)

inabsolor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.150 (Ascension Island)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.212.16 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.50.124 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.57.142.16 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-142-16.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.165.158 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.2 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.128.165 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-128-165.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.8 (Ascension Island)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1974 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:97b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (Ascension Island)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.9 (Ascension Island)

ASN9002 (RETN-AS, GB)

onstunkyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.174 (Ascension Island)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com c.mgid.com	342 KB
23	arnalyze.net arnalyze.net	13 KB
16	paste.co.id paste.co.id	432 KB
10	seeptoag.net seeptoag.net	87 KB
6	google.com www.google.com	35 KB
6	inpagepush.com inpagepush.com	59 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	inabsolor.com inabsolor.com	124 KB
4	gstatic.com fonts.gstatic.com	42 KB
4	cloudflare.com cdnjs.cloudflare.com	48 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	cdnativepush.com static.cdnativepush.com	3 KB
2	onstunkyr.com onstunkyr.com	964 B
2	wowreality.info o.wowreality.info	398 B
2	littlecdn.com littlecdn.com	7 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adsrvr.org 2 redirects match.adsrvr.org	903 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	755 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	doubleclick.net 1 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	lalaping.com static.lalaping.com	33 KB
1	google.de www.google.de	88 B
1	rtmark.net my.rtmark.net	769 B
1	lentainform.com cm.lentainform.com	560 B
1	idealmedia.io cm.idealmedia.io	556 B
1	omnitagjs.com visitor.omnitagjs.com	372 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com	229 B
1	onmarshtompor.com onmarshtompor.com
1	bedrapiona.com bedrapiona.com	2 KB
1	iclickcdn.com iclickcdn.com	23 KB
1	berkas.co berkas.co	4 KB
1	qrcoder.co.uk www.qrcoder.co.uk	672 B
138	35

	Domain	Requested by
23	arnalyze.net	paste.co.id arnalyze.net
16	s-img.mgid.com	paste.co.id
16	paste.co.id	paste.co.id cdnjs.cloudflare.com
10	seeptoag.net	paste.co.id seeptoag.net
7	cm.mgid.com	jsc.mgid.com paste.co.id
6	www.google.com	paste.co.id
6	inpagepush.com	paste.co.id iclickcdn.com inpagepush.com
5	x.bidswitch.net	5 redirects
5	inabsolor.com	iclickcdn.com inabsolor.com
4	servicer.mgid.com	jsc.mgid.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cdnjs.cloudflare.com	paste.co.id
3	c.mgid.com	paste.co.id
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	static.cdnativepush.com	inpagepush.com
2	onstunkyr.com
2	o.wowreality.info	static.lalaping.com
2	littlecdn.com	paste.co.id inpagepush.com
2	match.adsrvr.org	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	fonts.googleapis.com	paste.co.id
2	www.googletagmanager.com	paste.co.id www.googletagmanager.com
2	jsc.mgid.com	paste.co.id
2	maxcdn.bootstrapcdn.com	paste.co.id maxcdn.bootstrapcdn.com
1	static.lalaping.com	inabsolor.com
1	www.google.de	paste.co.id
1	my.rtmark.net	paste.co.id
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.lentainform.com	paste.co.id
1	cm.idealmedia.io	paste.co.id
1	visitor.omnitagjs.com	paste.co.id
1	cm.g.doubleclick.net	1 redirects
1	bidswitch-eu.splicky.com	1 redirects
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	onmarshtompor.com	iclickcdn.com
1	cdn.mgid.com	paste.co.id
1	bedrapiona.com	iclickcdn.com
1	iclickcdn.com	paste.co.id
1	berkas.co	paste.co.id
1	www.qrcoder.co.uk	paste.co.id
138	43

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
steemit.com
berkas.co

Subject Issuer	Validity	Valid
www.paste.co.id Let's Encrypt Authority X3	`2020-10-20` - `2021-01-18`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-11-11` - `2021-02-09`	3 months	crt.sh
seeptoag.net R3	`2020-12-14` - `2021-03-14`	3 months	crt.sh
qrcoder.co.uk cPanel, Inc. Certification Authority	`2020-10-13` - `2021-01-11`	3 months	crt.sh
berkas.co Let's Encrypt Authority X3	`2020-10-22` - `2021-01-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.arnalyze.net Let's Encrypt Authority X3	`2020-11-09` - `2021-02-07`	3 months	crt.sh
bedrapiona.com R3	`2020-12-07` - `2021-03-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
inabsolor.com Let's Encrypt Authority X3	`2020-11-25` - `2021-02-23`	3 months	crt.sh
onmarshtompor.com Let's Encrypt Authority X3	`2020-10-19` - `2021-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2021-06-18`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
o.wowreality.info Let's Encrypt Authority X3	`2020-11-13` - `2021-02-11`	3 months	crt.sh
*.onstunkyr.com Let's Encrypt Authority X3	`2020-10-12` - `2021-01-10`	3 months	crt.sh
cdnativepush.com Let's Encrypt Authority X3	`2020-11-15` - `2021-02-13`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://paste.co.id/Do3ZF1fi8t
Frame ID: A3C6FBA116C44C30B84659A9E169FE50
Requests: 116 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php
Frame ID: CA2E2548C9F0DE530B47051113AAB6EE
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1608454412081382439550
Frame ID: 002704AB13DA71BCB71A511EBAD33460
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 0A63970FB7031D430E2221109C9B56A5
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: B8C29635A55CB8BD373C103A068475C7
Requests: 1 HTTP requests in this frame

Frame: https://littlecdn.com/contents/s/cb/9f/b9/f83edb61067b798e603a72771e/0805408441928.png
Frame ID: AC2DFE27564D5FEE732D5B08C5186224
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

138
Requests

99 %
HTTPS

32 %
IPv6

35
Domains

43
Subdomains

32
IPs

10
Countries

1439 kB
Transfer

3495 kB
Size

7
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997452

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3887987/i/57333099/0/pp/1/1?h=xiQ9WIow1tmnLPAYoIOIRDMB72p873NehmifX3CRLXsXOHzKAqCnw7s1pFRxqABw&rid=d620e8ae-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805434/i/57333099/0/pp/2/1?h=xiQ9WIow1tmnLPAYoIOIRN2JrM74Txsiv3UoqDnFRNYLnhnx8UQTjhSHIHker5nJ&rid=d620e8ae-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805669/i/57333099/0/pp/3/1?h=xiQ9WIow1tmnLPAYoIOIRFF4CqnBg5Y6dNUbyyJmJ-G1Oj1SBXq_KAGbfNpM5cvh&rid=d620e8ae-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805489/i/57333099/0/pp/4/1?h=xiQ9WIow1tmnLPAYoIOIRO3pS0ev-VWxO8dIC-ZHptTS2xyXVI6XitkyviVWE_Vd&rid=d620e8ae-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11

Search URL Search Domain Scan URL

URL: https://steemit.com/
Title: https://steemit.com/

Search URL Search Domain Scan URL

URL: https://steemit.com/burn/
Title: https://steemit.com/burn/

Search URL Search Domain Scan URL

URL: https://steemit.com/the/
Title: https://steemit.com/the/

Search URL Search Domain Scan URL

URL: https://steemit.com/tenet/
Title: https://steemit.com/tenet/

Search URL Search Domain Scan URL

URL: https://steemit.com/mulan/
Title: https://steemit.com/mulan/

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=914924

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805481/i/126987/0/pp/1/1?h=pfqgiXC_rmGSnm2raGCddb_Ygshqqwh9hPXxCqRrcu-cDotMl7yqKj5b63BPAu47&rid=d62d340f-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkwzWg75mR0

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6946118/i/126987/0/pp/2/1?h=pfqgiXC_rmGSnm2raGCddbS2uc3YuKegAO1SEZlFKrpNerhfb99v447AfPSZIRKd&rid=d62d340f-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkwzWg75mR0

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805478/i/126987/0/pp/3/1?h=pfqgiXC_rmGSnm2raGCddamkHnhbsHT3H-clDEAoZUT-nIosf41MvxRuuuziqKE_&rid=d62d340f-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkwzWg75mR0

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3885439/i/126987/0/pp/4/1?h=pfqgiXC_rmGSnm2raGCddYZ6O-bfcqEU_d_60VpeQj_ydGsaLsdksK_beaXiLYsJ&rid=d62d340f-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkwzWg75mR0

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5523139/i/57333099/0/pp/1/1?h=xiQ9WIow1tmnLPAYoIOIRH8vHJ7iiG0B-alCPuORMvxB2XlwuWW6Kjfb3PHyR1VF&rid=d623ba72-42a0-11eb-9c79-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkvq71Ma_R0

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4147880/i/57333099/0/pp/2/1?h=xiQ9WIow1tmnLPAYoIOIRBReAF8W9CtmvnbQMa7D4lySWeDL2WmLZOgCg0evP70P&rid=d623ba72-42a0-11eb-9c79-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkvq71Ma_R0

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805610/i/57333099/0/pp/3/1?h=xiQ9WIow1tmnLPAYoIOIRGdTNf-WZopIKvGJZ0JwLgW70QLATdc4lpqCmRGGggqr&rid=d623ba72-42a0-11eb-9c79-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkvq71Ma_R0

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6288128/i/57333099/0/pp/4/1?h=xiQ9WIow1tmnLPAYoIOIRCWRMIyTNNAUKGA9XE6aD5vojmT9Hf73C1kJBh0PPU0J&rid=d623ba72-42a0-11eb-9c79-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkvq71Ma_R0

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097658/i/57333099/0/pp/1/1?h=RUghjSxP5BOj8Xk3nvRfXl0u_riJ9EgGbLAC-KMFYCFFjLeszY8GTGcRAGquGlaD&rid=d62add15-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkvgzg2YyR0

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097645/i/57333099/0/pp/2/1?h=RUghjSxP5BOj8Xk3nvRfXkYyYG2uFZnmjteX4AOiTcmtRgWd5EuQEkkkRWUNUwMG&rid=d62add15-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkvgzg2YyR0

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3839414/i/57333099/0/pp/3/1?h=RUghjSxP5BOj8Xk3nvRfXlZhpVOBvEnOWb9BAVcnG1LwxLsKFQpRRJITG-LTaRto&rid=d62add15-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkvgzg2YyR0

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3944304/i/57333099/0/pp/4/1?h=RUghjSxP5BOj8Xk3nvRfXrIMJ5uTVz5C-XRiTfFhLXQG9g88Od53brY18SjDYadz&rid=d62add15-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&muid=kbkvgzg2YyR0

Search URL Search Domain Scan URL

URL: https://berkas.co/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 77

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=bb7e3bbc-57a5-470e-b629-bab93fc44dd2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=bb7e3bbc-57a5-470e-b629-bab93fc44dd2 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=bb7e3bbc-57a5-470e-b629-bab93fc44dd2&gdpr=&gdpr_consent=&us_privacy=

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2Jrd3pXZzc1bVIw&muidn=kbkwzWg75mR0 HTTP 302
https://cm.mgid.com/google?muidn=kbkwzWg75mR0&google_ula={guid},5&google_gid=CAESEBwq1AyVC0P2yd_PdbdKkkI&google_cver=1

Request Chain 79

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=1212a2e8-d060-4882-a7b2-35602fe7dc3a

Request Chain 80

https://x.bidswitch.net/sync?dsp_id=303&user_id=kbkwzWg75mR0 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kbkwzWg75mR0 HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=bb7e3bbc-57a5-470e-b629-bab93fc44dd2&name=BIDSWITCH

Request Chain 83

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=9caccae1-8a4f-462c-9923-0336f7285f34&ttl=1611046412

Request Chain 84

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=lrtrHaEMRAr3XlJZ3j0Z&pi=mgid&tc=1

138 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request Do3ZF1fi8t Show response
paste.co.id/ 83 KB
25 KB 12983ms
12908ms Document
text/html 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx / PHP/7.3.24

Resource Hash

1ec4f33a819d2ab1d60083ad39001db95d42d8ac4dcdea6cd04f9596e1f76171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /Do3ZF1fi8t
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Sun, 20 Dec 2020 08:53:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.24
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
set-cookie: XSRF-TOKEN=eyJpdiI6ImhjMWdkbEFqOVpFN2k2UElZTlZ6ZVE9PSIsInZhbHVlIjoidVJMcFgxR25URldnM1c0VnFOSnpUSTduWEp3NGtoVjRNY1wvd3Y0TzFXbFlGZ0djcUNPeks4WWVBdW56ZFwveWE2IiwibWFjIjoiMDIwNWEzYzdmZWYwZGNiYTU3NzI2OWM0ZGZkOTJiNWNhN2I2NTNkZmFlMmVjNTFkMDIzODk3ODU2N2VlOTI3NSJ9; expires=Sun, 20-Dec-2020 10:53:31 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6ImNEV3VvcnNYRkpKamZSYXNzMWRiZXc9PSIsInZhbHVlIjoiN3ZTdHlSTUJXbHJVVjZJNWRnaHdUdHZMQ1BURWtXc3MzQjhMTmNud1pRSDBUVHhXT3MrMHVOV3FzMk93Zng4USIsIm1hYyI6ImU4NzAwYzUwZmI0YTgxYmVmNjliOTNjYTg4MTQ5YzZlODYzOTg3NjAyMWIzNTYwOWYwYjMxMWYyM2I3NThmNGIifQ%3D%3D; expires=Sun, 20-Dec-2020 10:53:31 GMT; Max-Age=7200; path=/; httponly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 31ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 bootstrap.min.css
paste.co.id/css/ 138 KB
21 KB 45ms
42ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/css/bootstrap.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Tue, 19 Jan 2021 08:53:31 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 mdb.min.css
paste.co.id/css/ 226 KB
25 KB 56ms
53ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/css/mdb.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Tue, 19 Jan 2021 08:53:31 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 13ms
10ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 893686
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
cf-request-id: 0720f3ab7300004a61d7826000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=upXwfZWNKQLiZlp5Oj12RVl2209eZPVAmuGPmpQSEfgiI940KkNhzsPFnBQjhL5giKyYSWq3cT9oXqRcJL7UxleY0bhN1U7XBioGTLDF%2F1bFXGlGjZR0XDQ6RA0cW17aQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 604822258c684a61-FRA
expires: Fri, 10 Dec 2021 08:53:31 GMT

GET
H2 200 special.min.css
paste.co.id/css/skins/ 3 KB
1 KB 62ms
59ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/css/skins/special.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Apr 2019 12:08:22 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Tue, 19 Jan 2021 08:53:31 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 app.min.css
paste.co.id/css/ 648 B
561 B 62ms
60ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/css/app.min.css?v=1.2

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jun 2020 17:06:52 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Tue, 19 Jan 2021 08:53:31 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
4 KB 62ms
60ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/plugins/prismjs/prism-okadia.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Jan 2019 22:43:52 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Tue, 19 Jan 2021 08:53:31 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H/1.1 200
OK 3509488 Show response
inpagepush.com/400/ 77 KB
28 KB 144ms
46ms Script
application/javascript 139.45.195.26
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3509488

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.26 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5fc463d4a569ad548983d99f47dcd275745874c31f4e3e453bfabdf59f774ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 0299d71223832c9875e8e478d3a9c5fc
Pragma: no-cache
Date: Sun, 20 Dec 2020 08:53:31 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK ntfc.php Show response
seeptoag.net/ 39 KB
11 KB 119ms
50ms Script
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/ntfc.php?p=3534037
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 008d5a9d53c757fadb7b3858ecdaa1f288bf20f9cb8baddc0a4d7babb2169369

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Dec 2020 08:53:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-9b9e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 77ms
76ms Image
image/png 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste.co.id/img/default-avatar.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Nov 2018 16:58:44 GMT
server: nginx
content-type: image/png
expires: Thu, 18 Feb 2021 08:53:31 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 6957
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 paste.co.id.997452.js Show response
jsc.mgid.com/p/a/ 208 KB
55 KB 86ms
43ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d804e3ff30dbe5814c7efc5138ebea5099cee70b763b7364002ac1f35f7b34

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 2415
cf-polished: origSize=213085
last-modified: Mon, 23 Nov 2020 10:54:51 GMT
x-amz-request-id: 9A6F0264D5A2BEC4
x-amz-id-2: Y/SeuiXMjnNjaWmaEuUv+v3xhfZiVWL4AT0nhNJs4GT6/kB4czBGn0pHIFDL0nty6Z0e4+3Ry+I=
cf-bgj: minify
server: cloudflare
etag: W/"51dd4812402780ff8d929039da7ffaaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 0720f3ac240000049b5981f000000001
cf-ray: 60482226a81d049b-CDG
expires: Sun, 20 Dec 2020 11:53:31 GMT

GET
H2 200 paste.co.id.914924.js Show response
jsc.mgid.com/p/a/ 208 KB
55 KB 127ms
86ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31bef18aa5a9a46783ef5c364f077f44c4d94c5a4eed063fb272bfe80df9f06b

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: br
cf-cache-status: HIT
age: 2415
cf-polished: origSize=212539
last-modified: Mon, 23 Nov 2020 10:42:33 GMT
x-amz-request-id: 78BFFFC3002601CF
x-amz-id-2: NpuIrQtAc5/+sXVZKF84Bz6ToJ4UCyZoLwNw05COBgvn96ButR2P7hnAwKrbASTTMbqawneD2rM=
cf-bgj: minify
server: cloudflare
etag: W/"f52ba88d2ad3d86fd1327111de9a8326"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 0720f3ac250000049b59820000000001
cf-ray: 60482226a81e049b-CDG
expires: Sun, 20 Dec 2020 11:53:31 GMT

GET
H/1.1 200
OK /
www.qrcoder.co.uk/api/v1/ 392 B
672 B 182ms
110ms Image
image/png 109.203.125.88
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 109.203.125.88 Salford, United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS: euk-88894.eukservers.com
Software: Apache /
Resource Hash: f2d2fff7330777865db60662cacd85824bc584202657102ce7f2ee4337f09411

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Dec 2020 08:53:30 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H/1.1 200
OK logo.png
berkas.co/ds1/img/ 4 KB
4 KB 172ms
73ms Image
image/png 173.249.18.21
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://berkas.co/ds1/img/logo.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.249.18.21 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: berkas.co
Software: nginx/1.16.1 / RHZ SECURITY
Resource Hash: 5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 08:53:31 GMT
ETag: "e5e-5a81d91e86dc0"
Last-Modified: Mon, 15 Jun 2020 11:17:19 GMT
Server: nginx/1.16.1
X-Powered-By: RHZ SECURITY
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3678

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 15ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 197631
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 0720f3abe800004a61e399f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F7hiMXyy1HjJSx0NjxU0MI6xbsRgKSwXukEio4WyndfDc7meVBLpRNKKklf9G3gT3BCdzpC1K%2FBJcGyNUI0CwvNQdd3NfkXu83C6q8oq0EWoTdz0dD0hz%2BsrLJopwknk0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 604822263e334a61-FRA
expires: Fri, 10 Dec 2021 08:53:31 GMT

GET
H2 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
14 KB 37ms
35ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/js/bootstrap.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 19 Jan 2021 08:53:31 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
63 KB 41ms
39ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/js/mdb.min.js?v=2

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 29 Jan 2019 22:15:46 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 19 Jan 2021 08:53:31 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: HIT

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
16 KB 16ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 281616
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15668
cf-request-id: 0720f3abe800004a61cf108000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U8mPI7gbJ%2BXx3LOYEegJ2sXl6l6qJdnhvM3xT1HZSvuQ2eVknPm5kAr5K7zTzjxH7c8GwTD2%2F%2BjGqGiYs7XmTEci9CGGsXYdD6BiSUghPijIV2fwmMSiCKs7k6IHbDmG%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 604822263e364a61-FRA
expires: Fri, 10 Dec 2021 08:53:31 GMT

GET
H2 200 ads.js Show response
paste.co.id/js/ 22 B
300 B 51ms
49ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/js/ads.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Mar 2020 00:25:06 GMT
server: nginx
content-type: application/javascript
expires: Tue, 19 Jan 2021 08:53:31 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 22
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: UPDATING

GET
H2 200 app.min.js Show response
paste.co.id/js/ 1 KB
1 KB 51ms
50ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/js/app.min.js?v=1.5

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 14 Mar 2020 00:34:12 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 19 Jan 2021 08:53:31 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: UPDATING

GET
H2 200 prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
122 KB 55ms
53ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/plugins/prismjs/prism.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 24 Nov 2018 17:17:38 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 19 Jan 2021 08:53:31 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: UPDATING

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a53936ae5d81bd099d88181c84c3860e1f855af14a60a111f933face36e77e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39021
x-xss-protection: 0
last-modified: Sun, 20 Dec 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Dec 2020 08:53:31 GMT

GET
H2 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel/ 37 KB
12 KB 908ms
277ms Script
application/javascript 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: f6cb2c4c9c079acc6d20bb301334911ce189df64c8db2efb2ea1b99df30f206c

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: cache
date: Sun, 20 Dec 2020 08:53:32 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.25
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
expires: Sun, 20 Dec 2020 08:58:32 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 81 KB
23 KB 46ms
21ms Script
application/javascript 2606:4700:20::681a:c76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 32490
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 0720f3ac320000c290bd2e3000000001
x-trace-id: b995f441b2b6613cc33521b553865c2f
pragma: no-cache
last-modified: Fri, 18 Dec 2020 12:39:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Td0H5fkn7%2FEUxXhhPIgOcVM4G3vkT9sB4mBYx53tcQlW9NpOZRN4PwtSUvA%2FOiHtmiIXEfArEfH5FAQsAO2%2Fv5Vax4Lkhoxoikh%2FzN7vHE%2B8GzJkASLBALME"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 60482226b90ec290-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Sun, 20 Dec 2020 23:52:01 GMT

GET
H2 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
49 KB 76ms
75ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/font/roboto/Roboto-Light.woff2

Requested by

Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: nginx
content-type: font/woff2
expires: Thu, 18 Feb 2021 08:53:31 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 49380
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 387ms
30ms Font
font/woff2 209.197.3.15
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x00f.map2.ssl.hwcdn.net

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://paste.co.id
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 79ms
78ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/font/roboto/Roboto-Regular.woff2

Requested by

Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: nginx
content-type: font/woff2
expires: Thu, 18 Feb 2021 08:53:31 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 49236
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 52ms
51ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/font/roboto/Roboto-Bold.woff2

Requested by

Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx /

Resource Hash

8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: nginx
content-type: font/woff2
expires: Thu, 18 Feb 2021 08:53:31 GMT
cache-control: max-age=5184000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 49976
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
3 KB 11ms
11ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1542445
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2905
cf-request-id: 0720f3ad4d00004a61a3b2b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MNRmR8CqR15l4swKec9l%2BpZ2NcsqoaAtSSVNG3doRyceBvSEIVFzU%2BK2xgqTdxbmhcz%2BQN3IhM7061OB47BMkuP%2BKO4US8Xt8iUPZOd7FNXdK%2F%2FN%2FGvYP0BV5%2F%2BRVGVRJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 604822287b464a61-FRA
expires: Fri, 10 Dec 2021 08:53:31 GMT

POST
H2 200 get-paste Show response
paste.co.id/ 1 KB
1 KB 6006ms
6006ms XHR
application/json 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/get-paste

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi465240.contaboserver.net

Software

nginx / PHP/7.3.24

Resource Hash

842189b0542964f3825773074767873c976637fecfe2568cea8ee7eb24dad54e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://paste.co.id/Do3ZF1fi8t
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 20 Dec 2020 08:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.24
vary: Accept-Encoding
content-type: application/json
x-ratelimit-remaining: 58
cache-control: no-cache, private
x-server-powered-by: Engintron
x-ratelimit-limit: 60
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK zone Show response
seeptoag.net/ 716 B
1 KB 33ms
33ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6d7f8897536cff787a749e4db3b660d522b975131082b36bf20d32df5675aa1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: ebfde2e052ff0ae9c2b6be197943d972
Date: Sun, 20 Dec 2020 08:53:31 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 716

GET
H/1.1 200
OK universal.min.js Show response
seeptoag.net/pfe/current/ 188 KB
54 KB 120ms
54ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/universal.min.js?v=3.1.281
Requested by: Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Dec 2020 08:53:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-2ef30"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 49ms
35ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bde6e36165c39af1cd701fa09a2652dcd419e61f085939d357445e07c7c0dcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39030
x-xss-protection: 0
last-modified: Sun, 20 Dec 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 20 Dec 2020 08:53:31 GMT

GET
H/1.1 200
OK / Show response
bedrapiona.com/5/3724584/ 3 KB
2 KB 175ms
42ms XHR
application/json 139.45.196.58
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3724584/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.196.58 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 632ff4e9d0f0c23cb67fc572bef0757dd673bdc86a1d9694518526396db49a2c

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: a996235fddfe67d93788fecceec72455
Pragma: no-cache, no-cache
Date: Sun, 20 Dec 2020 08:53:31 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
646 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Dec 2020 08:47:39 GMT
server: ESF
date: Sun, 20 Dec 2020 08:53:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Dec 2020 08:53:31 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 71ms
69ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 3673
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
content-type: image/svg+xml
cf-ray: 604822298d82049b-CDG
x-amz-request-id: EDD0957952C83C96
cf-request-id: 0720f3adfa0000049b2d31b000000001

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 css
fonts.googleapis.com/ 22 KB
1 KB 42ms
28ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 20 Dec 2020 07:42:24 GMT
server: ESF
date: Sun, 20 Dec 2020 08:53:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Dec 2020 08:53:31 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 16:31:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 145346
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 18 Dec 2021 16:31:05 GMT

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
2 KB 78ms
77ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=234&p3_w=201&p3_h=189&cols=4&pv=5&cbuster=1608454411920335486624&uniqId=0ff87&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&lu=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&pageView=1&pvid=1767f5a96908e821f72&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fc13c767b7963f267b67ec4717e808acf3e5770339524e395b35cc5b37b8d78

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048222a9f3d049b-CDG
cf-request-id: 0720f3ae9a0000049b46334000000001

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 79ms
78ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=234&p3_w=201&p3_h=189&cols=4&pv=5&cbuster=1608454411940989060234&uniqId=0d442&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&lu=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&pageView=0&pvid=1767f5a96a4a8fd8f48&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8524cc6c0dd85347ce92adcb05b981311036f0d461f57cb2fc118c1aa97eddcf

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048222aaf5b049b-CDG
cf-request-id: 0720f3aeab0000049b4ebaa000000001

GET
H/1.1 200
OK 3724582 Show response
inpagepush.com/400/ 77 KB
28 KB 41ms
40ms Script
application/javascript 139.45.195.26
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3724582

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.26 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8a9d4a2785cd091c356b4bfafef2f515cbc1cc985444f427443f42ef20138f02

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: a7891b998ffb5d7ed7cd335e060e432d
Pragma: no-cache
Date: Sun, 20 Dec 2020 08:53:31 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 1 Show response
inabsolor.com/ 7 KB
4 KB 127ms
32ms Script
text/javascript 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://inabsolor.com/1?z=3724583
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 859f45a84a707d879f1e44356846bb1ebb761a2aca1c32a316c8cf32e349debc

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Dec 2020 08:53:32 GMT
Content-Encoding: gzip
X-Sc: f4KqEsZZ8x8N7BcLVMOJMcj7_ZEFVA8kE5MxN-Kkaw5y459dgeY4WIMVZOGWTvXr-lSco3AYMbzMVYArtpdZYNTBgEs=
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content fac.php
onmarshtompor.com/ Frame CA2E 0
0 132ms
33ms Document
text/html 139.45.195.150
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.150 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: onmarshtompor.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/Do3ZF1fi8t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/Do3ZF1fi8t

Response headers

Server: nginx
Date: Sun, 20 Dec 2020 08:53:32 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 5a6b324ed0ded6f7ead874e48d7403eb
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 26ms
13ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Dec 2020 01:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 199553
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Sat, 18 Dec 2021 01:27:39 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 25ms
15ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 06:19:46 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 354826
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 16 Dec 2021 06:19:46 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 22ms
13ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 401587
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 15 Dec 2021 17:20:25 GMT

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 80ms
80ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=255&h=431&p3_w=90&p3_h=183&cols=2&pv=5&cbuster=1608454411988599845747&uniqId=14f20&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&lu=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&pageView=0&pvid=1767f5a96d4b60b0f66&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eb84b4b39afcd866ccd0b40d7178ce621d52e2a1402a6b894f85b7d99e9890d

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048222affbc049b-CDG
cf-request-id: 0720f3aeda0000049b580cb000000001

GET
H/1.1 200
OK 3509488 Show response
inpagepush.com/500/ 2 KB
2 KB 39ms
39ms XHR
application/javascript 139.45.195.26
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=&oaid=3a4044e2220740d8ab9c4d7c5ddcc35e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.26 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c9f2f1c084ed8d5dbcde6923a4d7cc1287332e7628c4f0545c409b3552596484

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 20 Dec 2020 08:53:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 601b5cac21b89dcf6d891d7d6026898f
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3509488
inpagepush.com/500/ Frame 0
0 125ms
31ms Other 139.45.195.26
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.195.26 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 20 Dec 2020 08:53:32 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2 200 1 Show response
servicer.mgid.com/914924/ 3 KB
1 KB 78ms
78ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/914924/1?w=844&h=250&cols=2&pv=5&cbuster=1608454412001332163351&uniqId=0017e&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&lu=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&pageView=0&pvid=1767f5a96e19c9544ae&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575e5bb25edbc2c879d546f4ca84ac30fdb765bd2db95669c6985aab5a8ebc7e

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048222b0fe0049b-CDG
cf-request-id: 0720f3aeea0000049b1f2b0000000001

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3778
date: Sun, 20 Dec 2020 07:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 20 Dec 2020 09:50:34 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
864 B 74ms
73ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=160845441207710151990
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18a913854b54818b519dff959551e5ac616139c13606451764dfebe4f4f4f118

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 5ec870ca-4ea3-4d9d-9cfa-33489911a06b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048222b88d6049b-CDG
cf-request-id: 0720f3af340000049b283cb000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 0027 19 B
372 B 73ms
73ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1608454412081382439550
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 47089f49-ec4a-44c3-90b5-fdfe76819270
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048222b88db049b-CDG
cf-request-id: 0720f3af370000049b54387000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp
s-img.mgid.com/g/3887987/492x328/0x0x1200x800/ 10 KB
10 KB 29ms
27ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3887987/492x328/0x0x1200x800/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2M4MDcxMDI4MzE4M2VkYWU1NThlNTgyNjBkNTQ2M2U5LmpwZWc.webp?v=1608454411-YupMSS5TbwuAgO2nYweELHoZB_aLVQWyNY07hnbrQCY
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aee39e40258b43c29cb453d9bb7d815479ac3d9b2df3087e8fadbf470a0ae38

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:23:16 GMT
x-mg-request-uuid: 1df03817-1abd-4617-860b-82202b985e67
age: 3816601
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222b98ec049b-CDG
content-length: 10290
cf-request-id: 0720f3af3f0000049bf7360000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjAvMTAxOTI0L2E0MDg4YTc0ZjE5OWZiOTM4N2ZlNzIxZWVjOWNmYWY4LmpwZz90PTE0ODc2MTAwMDM1NjQ.webp
s-img.mgid.com/g/3805434/492x328/0x0x492x328/ 11 KB
12 KB 27ms
26ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805434/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDItMjAvMTAxOTI0L2E0MDg4YTc0ZjE5OWZiOTM4N2ZlNzIxZWVjOWNmYWY4LmpwZz90PTE0ODc2MTAwMDM1NjQ.webp?v=1608454411-S4veX-oQMzE3wCGxdbUf8EHQ65ZNKSWVogdXWk1d388
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b9568a17b484886bad87a7eaac4ca134c9734778488fd262b39655b8633f9e8

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:22:56 GMT
x-mg-request-uuid: bdae13a3-75e0-4457-b576-de5dbefdbe57
age: 3732004
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222b98e9049b-CDG
content-length: 11398
cf-request-id: 0720f3af3f0000049b580d4000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC81MzYyOTQ5ODY4NTNlMzBkMzAwNzk2YWMyOTBlN2FmMC5qcGVn.webp
s-img.mgid.com/g/3805669/492x328/0x245x736x490/ 18 KB
18 KB 33ms
31ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805669/492x328/0x245x736x490/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC81MzYyOTQ5ODY4NTNlMzBkMzAwNzk2YWMyOTBlN2FmMC5qcGVn.webp?v=1608454411-sq0sXk2XixE0QhWclWcQvhjT-WsTmNgIwUmgdUt1ViE
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fcc185ecfb2dc1fbc55679e535adad1f14f85237cb5554191cce2b03aabcf33

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Sep 2020 01:31:54 GMT
x-mg-request-uuid: 9cf535d8-17c6-4878-a470-f1d41d007885
age: 4001796
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222b98eb049b-CDG
content-length: 18178
cf-request-id: 0720f3af3f0000049b06ba2000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM.webp
s-img.mgid.com/g/3805489/492x328/0x158x799x532/ 13 KB
13 KB 30ms
28ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805489/492x328/0x158x799x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM.webp?v=1608454411-ZxvuCH_84XcvCqe06ChmyPT_iKy64SmpPJ-WSxe0q3Y
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2eba15eb8245896d2083fcffa94c68d1b1a0a292c2235f8ec4f75e867121255

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:13:55 GMT
x-mg-request-uuid: ec12465c-7f5e-4d7e-ae10-5f3270983e4c
age: 4082125
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222b98ed049b-CDG
content-length: 13220
cf-request-id: 0720f3af3f0000049b29230000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp
s-img.mgid.com/g/5523139/492x328/135x0x1062x708/ 18 KB
18 KB 27ms
26ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5523139/492x328/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp?v=1608454411-hO50zmjsvIsWZ-GJpMXnrHyonNE0sT4jaQFuH4ZFs10
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eac7590b017690e12746846c2498d60c1d205bf7006236c21df207bfee4a5d48

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:23:06 GMT
x-mg-request-uuid: 4e750d4a-bf82-42b7-9fba-5ec7c36a717b
age: 3738894
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222ba902049b-CDG
content-length: 18000
cf-request-id: 0720f3af4b0000049b41992000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0L2E4NGZmYTUxNTI5ZDZmNGQ2NzJmM2UxMjFlYzNjMjk4LmpwZWc.webp
s-img.mgid.com/g/4147880/492x328/0x32x655x436/ 9 KB
10 KB 28ms
28ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4147880/492x328/0x32x655x436/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDkvMTAxOTI0L2E4NGZmYTUxNTI5ZDZmNGQ2NzJmM2UxMjFlYzNjMjk4LmpwZWc.webp?v=1608454411-qIJSxiVnmkOX1c3AMUXuiNBhfSVF9-CEjqYqvBbADO0
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 862887b8e94ba6d80cd369cc81c7c3c68f6a292668260a98239cb6a361c42e62

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:24:51 GMT
x-mg-request-uuid: 8ea4338f-6b57-4536-874d-100ced83309e
age: 3994462
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222ba904049b-CDG
content-length: 9624
cf-request-id: 0720f3af4c0000049b283cc000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2IwNTY1MGMyNWJmMzk2MGQ5OWMzNThmMGVhMmRlYjFiLmpwZz90PTE0OTgxNjIxOTEzMjY.webp
s-img.mgid.com/g/3805610/492x328/0x0x495x330/ 20 KB
21 KB 27ms
27ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805610/492x328/0x0x495x330/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0L2IwNTY1MGMyNWJmMzk2MGQ5OWMzNThmMGVhMmRlYjFiLmpwZz90PTE0OTgxNjIxOTEzMjY.webp?v=1608454411-3-M6t0f2x9C5EnRNtleMS_9oXO53uEGimi1Co56Pl3g
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b94380f7876d7d1dc2a2f41bb763a299aeb5cc8899060c1e37d7113f6e7dfb0c

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:28:19 GMT
x-mg-request-uuid: 2235185b-41e9-4ea7-9a64-5ddb632a57bb
age: 3822205
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222bc92d049b-CDG
content-length: 20938
cf-request-id: 0720f3af5a0000049b41993000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp
s-img.mgid.com/g/6288128/492x328/0x155x900x600/ 7 KB
7 KB 28ms
27ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/492x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp?v=1608454411-KiTPZ6Q_CXnwDNKswUHIEdvfFTw59TFuFYBXgndmKq0
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89c715bab749f2438367b405207f80871f7df7d1d429fed4f6d103344759c8ed

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Sun, 04 Oct 2020 08:22:53 GMT
x-mg-request-uuid: 13e14fc4-eaf0-426d-a811-48e8f20bb6e3
age: 3747873
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222bc931049b-CDG
content-length: 7490
cf-request-id: 0720f3af5b0000049b14842000000001
server: cloudflare

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
63 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=981906029&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&ul=en-us&de=UTF-8&dt=werwer34r%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1890098490&gjid=595056850&cid=1595695615.1608454412&tid=UA-137362802-1&_gid=1398543442.1608454412&_r=1&gtm=2oubu0&z=1627402085

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
26 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=981906029&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&ul=en-us&de=UTF-8&dt=werwer34r%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=446566710&gjid=843315822&cid=1595695615.1608454412&tid=UA-174907544-1&_gid=1398543442.1608454412&_r=1&gtm=2oubu0&z=570629374

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp
s-img.mgid.com/g/5097658/492x328/0x105x650x433/ 15 KB
15 KB 31ms
30ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097658/492x328/0x105x650x433/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzZkNjRkNGQ2NDhhMWFiMDFlYzk0YWYyZDgzNjBiM2NmLnBuZw.webp?v=1608454412--PezT03b2LaX6Sm4CD-VOyBysPvULQuZbsabhg3hfXM
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e38b415c34bc287e5f207b929aa1a732dcc1fc58e757a7f077719a84d7c059c

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Sun, 04 Oct 2020 08:22:53 GMT
x-mg-request-uuid: 3b5451f6-4f2c-4d62-9395-3d749a9629c6
age: 3825184
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222bd95e049b-CDG
content-length: 14944
cf-request-id: 0720f3af6c0000049b283cf000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp
s-img.mgid.com/g/5097645/492x328/0x0x980x653/ 24 KB
24 KB 27ms
26ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097645/492x328/0x0x980x653/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzY4MTM3YWVmOWYzOGUwMWUwYjFlYTA5ZjZlZjY0ZjJlLmpwZWc.webp?v=1608454412-6x9G6_x6rXAWHFlKn8PwMM3cdW78LXnhvKNDjV04fJM
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12b92a2cb05cfef66c4ada6dc0cb92b1956ce9dfb293e8c718b74a0b0f8939e2

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Sun, 04 Oct 2020 08:22:49 GMT
x-mg-request-uuid: ca5cd678-e6ac-4d2f-8c89-0ac4ebaf5ffa
age: 4003907
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222be962049b-CDG
content-length: 24582
cf-request-id: 0720f3af6c0000049b21111000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp
s-img.mgid.com/g/3839414/492x328/84x0x758x505/ 16 KB
16 KB 34ms
34ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3839414/492x328/84x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp?v=1608454412-JCWSiZHqVMjmIDnWgP7Q5hyg5E2I60QLSJgvHtcptUM
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a65a8068c1f96e196b8917aebe0f81fd6992d25c93a3c078fc210ba028a1234

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Sun, 04 Oct 2020 08:19:45 GMT
x-mg-request-uuid: be0790ab-33ec-4a09-9fdc-9001a08bbf27
age: 3821117
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222be963049b-CDG
content-length: 15900
cf-request-id: 0720f3af6c0000049bf3358000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp
s-img.mgid.com/g/3944304/492x328/0x0x758x505/ 23 KB
23 KB 32ms
32ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944304/492x328/0x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp?v=1608454412-3zf-dPt8FoLbwzlixzsDKffFLFlM3ULoWuK4afhFCps
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c617a07b4d70a5989a62e6e2c7e20b5806187205d05eb352c2042c9dd59669

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:22:53 GMT
x-mg-request-uuid: 3b73cb79-ca60-4e5c-8832-e5ef5801d594
age: 3900212
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222be965049b-CDG
content-length: 23892
cf-request-id: 0720f3af6d0000049bf3bcb000000001
server: cloudflare

GET
H/1.1 200
OK 0a3a0c92910b63298c6f5b55b048f73f Show response
inabsolor.com/27/ 361 KB
119 KB 45ms
45ms Script
application/javascript 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inabsolor.com/27/0a3a0c92910b63298c6f5b55b048f73f

Requested by

Host: inabsolor.com
URL: https://inabsolor.com/1?z=3724583

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

949f6a3e065b5cc8f4cd059adf4c6bfccb1cace57707636a3e5d64ffaf83135c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 08:53:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 08 Dec 2020 05:36:22 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: max-age:290304000, public
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Tue, 07 Jan 2081 05:36:22 GMT

GET
H/1.1 200
OK 38 Show response
inabsolor.com/42/ 0
722 B 98ms
32ms Script
text/plain 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://inabsolor.com/42/38?z=3724583
Requested by: Host: inabsolor.com
URL: https://inabsolor.com/1?z=3724583
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Dec 2020 08:53:32 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length: 0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp
s-img.mgid.com/g/3805481/370x209/0x205x800x533/ 10 KB
10 KB 28ms
27ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805481/370x209/0x205x800x533/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0LzE2N2M0OTZmNzkyOThhYzBlNGRhZDgwN2VhMGI2Y2U1LmpwZz90PTE0OTc5ODQwMTQ5NjU.webp?v=1608454412-e04OICobhfiwI8paSDypt4KuQFPwcSi6jT6BFBRfKFM
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ffe14c1b94027bdbbbd93eabd9a7c6f4a14dd13f4aea53632e8f47b7de1ab7

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Mon, 26 Oct 2020 13:46:54 GMT
x-mg-request-uuid: ca2c5746-cc9a-4c17-88c9-ce803c2b0441
age: 4004729
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222bf996049b-CDG
content-length: 10118
cf-request-id: 0720f3af7a0000049b11068000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5ZmM0ODI1Y2RlZmFlOTFmMTFjZWRlZWQzY2YwMmY1LmpwZWc.webp
s-img.mgid.com/g/6946118/370x209/0x59x1024x682/ 10 KB
10 KB 29ms
28ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6946118/370x209/0x59x1024x682/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5ZmM0ODI1Y2RlZmFlOTFmMTFjZWRlZWQzY2YwMmY1LmpwZWc.webp?v=1608454412-ItQA4bqSTyfr4cxQ70VCaZRNjq-re2reQiqkxRDu1X0
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee049a89f3aabde3405558eab906101654c6ea3c4deaaa8efa7af826ccff1d81

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Mon, 26 Oct 2020 13:44:38 GMT
x-mg-request-uuid: facd9c0e-0e85-4c2b-b818-78b06fa64843
age: 3828063
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222bf99a049b-CDG
content-length: 9972
cf-request-id: 0720f3af7a0000049b4ebbb000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzM5ZGMzY2I3MjBmYzRlYmVkZmUxNGE5MTc0N2UzNzIyLmpwZz90PTE0OTgxMjc5OTQyMTU.webp
s-img.mgid.com/g/3805478/370x209/0x150x1060x706/ 7 KB
7 KB 27ms
26ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805478/370x209/0x150x1060x706/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzM5ZGMzY2I3MjBmYzRlYmVkZmUxNGE5MTc0N2UzNzIyLmpwZz90PTE0OTgxMjc5OTQyMTU.webp?v=1608454412-g5PTWOasxwpMh_K2gg6X8UQ3uz6LRa1U6UHLHmpVEHs
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 297eaefaf0ed3f4224de66e7d92b62243f5e0ceabdb808b0028704da08dd96d8

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Mon, 26 Oct 2020 13:44:58 GMT
x-mg-request-uuid: a7af9b2b-b974-4709-a9cf-706aa98271cc
age: 3744770
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222c09ae049b-CDG
content-length: 7260
cf-request-id: 0720f3af830000049bf98ab000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdjODMzMmYwY2IzMWMwMzcxNTEwMTZiMDJiZTg2YzBhLmpwZWc.webp
s-img.mgid.com/g/3885439/370x209/0x0x582x388/ 8 KB
8 KB 26ms
26ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3885439/370x209/0x0x582x388/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzdjODMzMmYwY2IzMWMwMzcxNTEwMTZiMDJiZTg2YzBhLmpwZWc.webp?v=1608454412-ckZs1-JvCZKsYSZ2WrE6CZs1WI5MB0ce4alalv_Np9g
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 842c89903975bfecf512ac0871a9d2059f065fa9ff54eb42fea2369a1e2c23e2

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
last-modified: Mon, 26 Oct 2020 13:43:07 GMT
x-mg-request-uuid: 89669f75-e9ec-4d97-b02f-bca2e6ccc6c0
age: 3905912
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 6048222c09ac049b-CDG
content-length: 8446
cf-request-id: 0720f3af830000049b09afe000000001
server: cloudflare

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-137362802-1&cid=1595695615.1608454412&jid=1890098490&gjid=595056850&_gid=1398543442.1608454412&_u=IEBAAUAAAAAAAC~&z=532599193

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 20 Dec 2020 08:53:32 GMT
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 0A63
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

104ms
34ms

Document
text/html

104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=160845441207710151990
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.50.124 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/Do3ZF1fi8t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/Do3ZF1fi8t

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Sun, 20 Dec 2020 08:53:32 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sun, 20 Dec 2020 08:53:32 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=mgid&bsw_custom_parameter=bb7e3bbc-57a5-470e-b629-bab93fc44dd2
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=mgid&expires=10&bsw_param=bb7e3bbc-57a5-470e-b629-bab93fc44dd2
https://cm.mgid.com/m?cdsp=433145&c=bb7e3bbc-57a5-470e-b629-bab93fc44dd2&gdpr=&gdpr_consent=&us_privacy=

43 B
242 B

80ms
80ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=bb7e3bbc-57a5-470e-b629-bab93fc44dd2&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3ca4270b-81c8-4405-a5d0-3956447f033e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048222e4d29049b-CDG
cf-request-id: 0720f3b0ec0000049b0036b000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=bb7e3bbc-57a5-470e-b629-bab93fc44dd2&gdpr=&gdpr_consent=&us_privacy=
date: Sun, 20 Dec 2020 08:53:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2Jrd3pXZzc1bVIw&muidn=kbkwzWg75mR0
https://cm.mgid.com/google?muidn=kbkwzWg75mR0&google_ula={guid},5&google_gid=CAESEBwq1AyVC0P2yd_PdbdKkkI&google_cver=1

0
333 B

81ms
80ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=kbkwzWg75mR0&google_ula={guid},5&google_gid=CAESEBwq1AyVC0P2yd_PdbdKkkI&google_cver=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048222ccb08049b-CDG
cf-request-id: 0720f3afff0000049b46350000000001

Redirect headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=kbkwzWg75mR0&google_ula={guid},5&google_gid=CAESEBwq1AyVC0P2yd_PdbdKkkI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=1212a2e8-d060-4882-a7b2-35602fe7dc3a

43 B
258 B

90ms
89ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=1212a2e8-d060-4882-a7b2-35602fe7dc3a
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:37 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4f85c45c-6cf1-4127-b9a2-fe69f61d0a48
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048224e1db4049b-CDG
cf-request-id: 0720f3c4d00000049b501a3000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=287839&c=1212a2e8-d060-4882-a7b2-35602fe7dc3a
date: Sun, 20 Dec 2020 08:53:37 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=kbkwzWg75mR0
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kbkwzWg75mR0
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=bb7e3bbc-57a5-470e-b629-bab93fc44dd2&name=BIDSWITCH

49 B
372 B

66ms
23ms

Image
image/gif

185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=bb7e3bbc-57a5-470e-b629-bab93fc44dd2&name=BIDSWITCH

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-type: image/gif
content-length: 74
expires: 0

Redirect headers

location: //visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=bb7e3bbc-57a5-470e-b629-bab93fc44dd2&name=BIDSWITCH
date: Sun, 20 Dec 2020 08:53:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 136ms
85ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=kbkwzWg75mR0
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6048222c6ff8084b-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 0720f3afbd0000084bef223000000001

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
560 B 130ms
78ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=kbkwzWg75mR0
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6048222c6cc00857-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 0720f3afbf000008578413c000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=9caccae1-8a4f-462c-9923-0336f7285f34&ttl=1611046412

43 B
337 B

74ms
73ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=9caccae1-8a4f-462c-9923-0336f7285f34&ttl=1611046412
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: ce2a7371-9e72-479c-87e9-28856682f380
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048222d7bea049b-CDG
cf-request-id: 0720f3b06a0000049b5987c000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=9caccae1-8a4f-462c-9923-0336f7285f34&ttl=1611046412
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=lrtrHaEMRAr3XlJZ3j0Z&pi=mgid&tc=1

43 B
226 B

76ms
75ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=lrtrHaEMRAr3XlJZ3j0Z&pi=mgid&tc=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: c6bb6c2b-9bf0-4923-ab7a-8deccd505b98
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048222dbc55049b-CDG
cf-request-id: 0720f3b0960000049bf20ae000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=lrtrHaEMRAr3XlJZ3j0Z&pi=mgid&tc=1
pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT, Sun, 20 Dec 2020 08:53:32 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 33ms
32ms Other
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 20 Dec 2020 08:53:32 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 38ms
38ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 3a326361530243fb43768f553c6252d4
Date: Sun, 20 Dec 2020 08:53:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
769 B 131ms
33ms Fetch
application/json 139.45.197.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=0649ba86e1134d5384c39acd96bd35b8&zoneId=3534037&checkDuplicate=true&ymid=&var=

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.8 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

85c83914174e7f58595d0e03234330a4dc21c7acd0a06197482c38ed4f39f278

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 08:53:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 0805408441928.png
littlecdn.com/contents/s/cb/9f/b9/f83edb61067b798e603a72771e/ 3 KB
4 KB 30ms
15ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/cb/9f/b9/f83edb61067b798e603a72771e/0805408441928.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1562c77987e7f1708ac3c6fdf7604f8c8169df061f89d9c7daeaafc1990f5f

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
cf-cache-status: HIT
age: 7125
content-length: 3225
cf-request-id: 0720f3afa200004ac8239c9000000001
last-modified: Sun, 28 Apr 2019 17:29:22 GMT
server: cloudflare
etag: "5cc5e2f2-c99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6048222c3d844ac8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
88 B 19ms
18ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-137362802-1&cid=1595695615.1608454412&jid=1890098490&_u=IEBAAUAAAAAAAC~&z=534087750

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
88 B 18ms
17ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-137362802-1&cid=1595695615.1608454412&jid=1890098490&_u=IEBAAUAAAAAAAC~&z=534087750

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 204
No Content 9
inabsolor.com/ Frame 0
0 126ms
31ms Other 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://inabsolor.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=2&ist=0
Protocol: HTTP/1.1
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 20 Dec 2020 08:53:32 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
33 KB 44ms
23ms Script
application/javascript 2606:4700:20::681a:97b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: inabsolor.com
URL: https://inabsolor.com/27/0a3a0c92910b63298c6f5b55b048f73f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:97b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 6470
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=biryzazwZEQ%2FJp87BpKo0RZkwLR02ytTMg3RcfRmSMbVFXSiuP4OUqOavcLA8O%2BDuPBduFxSkmxc0RMMyvFOjKW%2BGZ%2B5NcxqR2ifoJDLE1j20e6ZAivqIkvZ1X3aHc4v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6048222cdf7ec2fe-FRA
cf-request-id: 0720f3b0090000c2fe80896000000001

POST
H/1.1 204
No Content 9 Show response
inabsolor.com/ 0
768 B 35ms
35ms XHR
application/javascript 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://inabsolor.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=2&ist=0
Requested by: Host: inabsolor.com
URL: https://inabsolor.com/27/0a3a0c92910b63298c6f5b55b048f73f
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Sun, 20 Dec 2020 08:53:32 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK defaultSkin.min.js Show response
seeptoag.net/pfe/current/ 56 KB
19 KB 40ms
40ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Dec 2020 08:53:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 13:35:40 GMT
Server: nginx
ETag: W/"5fd2242c-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3-Q050 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 17ms
15ms Image
image/png 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Sun, 20 Dec 2020 08:53:32 GMT

GET
H3-Q050 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 16ms
14ms Image
image/png 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Sun, 20 Dec 2020 08:53:32 GMT

GET
H3-Q050 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 19ms
17ms Image
image/png 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Sun, 20 Dec 2020 08:53:32 GMT

GET
H3-Q050 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 17ms
15ms Image
image/png 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Sun, 20 Dec 2020 08:53:32 GMT

GET
H3-Q050 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 17ms
16ms Image
image/png 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Sun, 20 Dec 2020 08:53:32 GMT

GET
DATA 200
OK truncated
/ Frame B8C2 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 33ms
33ms Other
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 20 Dec 2020 08:53:32 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 33ms
33ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 8fced23fa0245d256cc85eefef3523af
Date: Sun, 20 Dec 2020 08:53:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
99 B 2370ms
2369ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:35 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 429ms
225ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 20 Dec 2020 08:53:32 GMT
server: LiteSpeed

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 2078ms
2078ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 20 Dec 2020 08:53:35 GMT
server: LiteSpeed

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
101 B 418ms
417ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:37 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 c
c.mgid.com/ 43 B
154 B 2040ms
2039ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=202|219|8|xiQ9WIow1tmnLPAYoIOIRN2JrM74Txsiv3UoqDnFRNYLnhnx8UQTjhSHIHker5nJ&fw=1&extjs=66044&v=202|219|40|xiQ9WIow1tmnLPAYoIOIRDMB72p873NehmifX3CRLXsXOHzKAqCnw7s1pFRxqABw&v=202|219|8|xiQ9WIow1tmnLPAYoIOIRO3pS0ev-VWxO8dIC-ZHptTS2xyXVI6XitkyviVWE_Vd&v=202|219|8|xiQ9WIow1tmnLPAYoIOIRFF4CqnBg5Y6dNUbyyJmJ-G1Oj1SBXq_KAGbfNpM5cvh&cid=997452&h2=_IqHHECS4sm7TQFWqEkmfXiIRCw5aJaSpM4M_SpA4o4*&rid=d620e8ae-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&pageImp=1&muid=kbkvq71Ma_R0&cbuster=1608454415466974432819&tpl=0
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:37 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 906fc0dc-41e8-4ad9-b649-8b9485e4c3b8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048224cfbf6049b-CDG
cf-request-id: 0720f3c41a0000049bf62ee000000001
server: cloudflare

GET
H2 200 c
c.mgid.com/ 43 B
280 B 2031ms
2031ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=414|107|8|pfqgiXC_rmGSnm2raGCddb_Ygshqqwh9hPXxCqRrcu-cDotMl7yqKj5b63BPAu47&fw=1&extjs=66044&v=414|107|8|pfqgiXC_rmGSnm2raGCddbS2uc3YuKegAO1SEZlFKrpNerhfb99v447AfPSZIRKd&v=414|108|8|pfqgiXC_rmGSnm2raGCddYZ6O-bfcqEU_d_60VpeQj_ydGsaLsdksK_beaXiLYsJ&v=414|108|8|pfqgiXC_rmGSnm2raGCddamkHnhbsHT3H-clDEAoZUT-nIosf41MvxRuuuziqKE_&cid=914924&h2=_IqHHECS4sm7TQFWqEkmfXiIRCw5aJaSpM4M_SpA4o4*&rid=d62d340f-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&pageImp=0&muid=kbkvq71Ma_R0&cbuster=1608454415469499707841&tpl=0
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:37 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6c5f8dfa-c9ae-4b0d-8032-19280dbf489c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048224cfbf7049b-CDG
cf-request-id: 0720f3c41a0000049b5aa79000000001
server: cloudflare

GET
H2 200 c
c.mgid.com/ 43 B
154 B 2032ms
2031ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=90|213|24|RUghjSxP5BOj8Xk3nvRfXkYyYG2uFZnmjteX4AOiTcmtRgWd5EuQEkkkRWUNUwMG&fw=1&extjs=66044&v=90|213|24|RUghjSxP5BOj8Xk3nvRfXl0u_riJ9EgGbLAC-KMFYCFFjLeszY8GTGcRAGquGlaD&cid=997452&h2=_IqHHECS4sm7TQFWqEkmfXiIRCw5aJaSpM4M_SpA4o4*&rid=d62add15-42a0-11eb-a7e4-d094662f8ab5&tt=Direct&pageImp=0&muid=kbkvq71Ma_R0&cbuster=1608454415469714006089&tpl=0
Requested by: Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:37 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 86a5cca1-5077-46dd-8f36-62ac94e15a84
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6048224cfbf8049b-CDG
cf-request-id: 0720f3c41a0000049b2d063000000001
server: cloudflare

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 1377ms
31ms Other 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 20 Dec 2020 08:53:37 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
398 B 127ms
58ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Sun, 20 Dec 2020 08:53:37 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 1209ms
1209ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 20 Dec 2020 08:53:37 GMT
server: LiteSpeed

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
102 B 1470ms
293ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:39 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 97ms
32ms Other
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 20 Dec 2020 08:53:37 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 98ms
33ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/Do3ZF1fi8t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 28ee509bee4eccf273b6655d0af9fb4b
Date: Sun, 20 Dec 2020 08:53:37 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 265ms
265ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 20 Dec 2020 08:53:38 GMT
server: LiteSpeed

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
101 B 335ms
321ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:38 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK PCi8GGBIlaUC4HdCV45M3b8bx5zxUP7iWABlYnNDKLaZJ-aKPCCH2n-zoilcwyLxaWiFV99veKeKQMsQA5Pp_B2oW1-TnzG3iHK7GHtq07bFpaWCSDxQJl0oh2Hbd4-kVOi2e5qTT3A5Ofq7xySw-DKSSyXDliV8Oy2kjNvXb86HfRggL53o59fBvbKPnOxSdO0vt...
onstunkyr.com/impression/ 43 B
482 B 127ms
32ms Image
image/gif 139.45.197.9
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/PCi8GGBIlaUC4HdCV45M3b8bx5zxUP7iWABlYnNDKLaZJ-aKPCCH2n-zoilcwyLxaWiFV99veKeKQMsQA5Pp_B2oW1-TnzG3iHK7GHtq07bFpaWCSDxQJl0oh2Hbd4-kVOi2e5qTT3A5Ofq7xySw-DKSSyXDliV8Oy2kjNvXb86HfRggL53o59fBvbKPnOxSdO0vtadRAov_X1qLZj5IjwcFa-KUmQywJi6Br-Q96Ikh7JM9CIKUSJmjGkizWcCiCJAgFLT0wZAzE99QXkYgwBBfgglOK39wX0SmjZepgroIewrfCbWNe-qeeGXtBAMNgeJML3KuY9lJfRh-qtE0pCqFedghYITc5rPe5tpzBBhn_citabBFspfLKFdfDPnhcWSQbXeqXu9ZfbP9XGPECxukQTJo3c4Fw_8lC6y7bnLQeb-j5PI7y1dUvpR4K-oTrCa9JvX608brItq9yGPavT6lfA5tY5_gSW6YyfPogz9ry1S_5o-1S7ldnv0yKj_ChrHDE_duaynYZIXjrjvaE6u8z_7-Yn8qRozIBZJfrf8jVJw6mk5dSXgF06k6VnN0j4-Ap27C0pqfAMMbQwPSjUp9Qw5PcLnTqchFbAMB6tRLzfnbhRgRS7Xfrg2ds0fm_40ow43dZvftlDkIEo6lO1jGosxVgrUHOyf8UuKxmJI=?z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.9 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 12f147812df0c300908578bd9cfcf85a
Pragma: no-cache
Date: Sun, 20 Dec 2020 08:53:41 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 0805408441928.png
littlecdn.com/contents/s/cb/9f/b9/f83edb61067b798e603a72771e/ Frame AC2D 3 KB
3 KB 10ms
10ms Image
image/png 2606:4700:10::6816:1974
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/cb/9f/b9/f83edb61067b798e603a72771e/0805408441928.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1562c77987e7f1708ac3c6fdf7604f8c8169df061f89d9c7daeaafc1990f5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 20 Dec 2020 08:53:41 GMT
cf-cache-status: HIT
age: 7134
content-length: 3225
cf-request-id: 0720f3d4d300004ac8140a2000000001
last-modified: Sun, 28 Apr 2019 17:29:22 GMT
server: cloudflare
etag: "5cc5e2f2-c99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 60482267b8634ac8-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H/1.1 200
OK 3509488 Show response
inpagepush.com/500/ 1 KB
2 KB 130ms
49ms XHR
application/javascript 139.45.195.26
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=6428786&oaid=3a4044e2220740d8ab9c4d7c5ddcc35e&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.26 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2a39e2091b1e04f2d351356646395d63a9f323bfb7ba49a314774eb085607017

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 20 Dec 2020 08:53:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: d75f4f7fe1d0f8f3d252514f598ba988
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3509488
inpagepush.com/500/ Frame 0
0 93ms
31ms Other 139.45.195.26
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.195.26 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sun, 20 Dec 2020 08:53:41 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H/1.1 200
OK 01518696390713.png
static.cdnativepush.com/contents/s/70/51/f2/1b62babe0716d7c5c0e4f24de0/ 921 B
2 KB 127ms
32ms Image
image/png 139.45.197.174
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/70/51/f2/1b62babe0716d7c5c0e4f24de0/01518696390713.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.174 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 88d7e15ac7d9f6571cbb281bae8ab485a523782791509617aefd2df41665d150

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 08:53:42 GMT
Last-Modified: Thu, 30 Apr 2020 13:15:35 GMT
Server: nginx
ETag: "5eaacf77-399"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 921

OPTIONS
H2 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 651ms
253ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H2
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 20 Dec 2020 08:53:42 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
102 B 285ms
285ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:43 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
78 B 248ms
247ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:43 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 225ms
225ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 20 Dec 2020 08:53:43 GMT
server: LiteSpeed

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
101 B 262ms
261ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:44 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 229ms
228ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 20 Dec 2020 08:53:44 GMT
server: LiteSpeed

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
101 B 246ms
246ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:45 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 228ms
228ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 20 Dec 2020 08:53:45 GMT
server: LiteSpeed

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
101 B 248ms
248ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:46 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 229ms
229ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 20 Dec 2020 08:53:46 GMT
server: LiteSpeed

GET
H/1.1 200
OK yVcFo5MxA1S0-9dzFLxJo2fzq04TnGvseLusrBl3y79XR4M9B8y6B5prGttk41ZfaFmig4x7mLqLaNpsP-C51lreQ_r79gkx3Ss85Kn3FnOk-8obbRYZGGABjyGG9MS7rM1MN1593nf1ROxYuMXlxReii_xpNWZnnozQQ2PAp4PQmr9lUonS8-rfPbr6mh1OgTLGf...
onstunkyr.com/impression/ 43 B
482 B 35ms
35ms Image
image/gif 139.45.197.9
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/yVcFo5MxA1S0-9dzFLxJo2fzq04TnGvseLusrBl3y79XR4M9B8y6B5prGttk41ZfaFmig4x7mLqLaNpsP-C51lreQ_r79gkx3Ss85Kn3FnOk-8obbRYZGGABjyGG9MS7rM1MN1593nf1ROxYuMXlxReii_xpNWZnnozQQ2PAp4PQmr9lUonS8-rfPbr6mh1OgTLGfroC3Lwl4nokgi4HjZFPw7VKPd2_W0FYbJnYATS38aueqMtsHiu23ygeYl5dtPspVboeIqrBH4bdic0v4pn9A4lKLwGERiSwhYnV8Qz6NLz37fqLMckzwGftnkstpoInYK8nFUMF7TFXKmGdzg-mm9xa6fig5rRMsBDwAHqXUNvdePtEZg6FztTMlAW3h_j_6OEDNSP8VbQwq7ZZQwGzyFaljFafukRzOuMSUgB8UGsNS8UrfqRyFv1zy7tKuM7UbCW1qq-rx8xs1iKzX21AHBTuN5095fIUdrTWlk2yJDgQxgDoD1lt_THzEAB2ZfQNQ-ZE-kQnsdiCdXqsbsn6tf7uPAPxfw419lUvMg3KiKI3JwjAXThk651KYKtqIEMCPYCWARvofTGAn0NG4Q==?z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fpaste.co.id%2FDo3ZF1fi8t&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.9 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 78dccb2acddd074714e02982d4e86284
Pragma: no-cache
Date: Sun, 20 Dec 2020 08:53:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 01518696390713.png
static.cdnativepush.com/contents/s/70/51/f2/1b62babe0716d7c5c0e4f24de0/ Frame AC2D 921 B
2 KB 33ms
33ms Image
image/png 139.45.197.174
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/70/51/f2/1b62babe0716d7c5c0e4f24de0/01518696390713.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.174 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 88d7e15ac7d9f6571cbb281bae8ab485a523782791509617aefd2df41665d150

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 20 Dec 2020 08:53:46 GMT
Last-Modified: Thu, 30 Apr 2020 13:15:35 GMT
Server: nginx
ETag: "5eaacf77-399"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 921

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 247ms
246ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 20 Dec 2020 08:53:47 GMT
server: LiteSpeed

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
101 B 257ms
257ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:47 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
100 B 261ms
261ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/Do3ZF1fi8t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 20 Dec 2020 08:53:48 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.25
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 242ms
242ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.25
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.25
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 20 Dec 2020 08:53:48 GMT
server: LiteSpeed

OPTIONS nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: arnalyze.net
URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paste.co.id/	1970-01-19 14:47:41	Name: pasteshr_session Value: eyJpdiI6ImU5VXczd1ZYWm8yZVVsYjFNNlpLTnc9PSIsInZhbHVlIjoiQkxWNTFlTVdmU2k0d0NMXC9cL1YzZE5yZmhoRkRXMFlqbXNZWUJaZWdZdFpmWWhpN1l0ZVBvWDkrck54a1EwcXkwIiwibWFjIjoiZTlkOThkY2RiOTlhNThlMDQ0ZTNhMzgzNzU5NGMwNjAxOWU3ZmNmMjA1MzU3MzM0NjQxNWNjZmRhNjNhYTZiMCJ9
paste.co.id/	1970-01-19 14:47:41	Name: XSRF-TOKEN Value: eyJpdiI6IjhNXC9WY3hNR0dGR2pQZndyV0hxT3FRPT0iLCJ2YWx1ZSI6IjFwVmJEdWxXVmNja2JEY3pTeEZNU29ReW9GbE1KMkdFeWlQUFpkXC9oajg1TUZ0ak5kYkNjMHc3TmlIUjZwakgrIiwibWFjIjoiMGNjMjBhNjFkZTNhOGYxNGY4NTIzYmM5Mzc4OTA0NDRiMmVkMzc3ZTc2MDliMDRlNGFmOTBmNzRkNTkyMWIyMSJ9
paste.co.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22OoE18jsLh%22%7D%2C%22C997452%22%3A%7B%22page%22%3A1%2C%22time%22%3A1608454412126%7D%2C%22C914924%22%3A%7B%22page%22%3A1%2C%22time%22%3A1608454412138%7D%7D
.paste.co.id/	1970-01-20 08:18:46	Name: _ga Value: GA1.3.1595695615.1608454412
.paste.co.id/	1970-01-19 14:47:34	Name: _gat_gtag_UA_174907544_1 Value: 1
.paste.co.id/	1970-01-19 14:47:34	Name: _gat_gtag_UA_137362802_1 Value: 1
.paste.co.id/	1970-01-19 14:49:00	Name: _gid Value: GA1.3.1398543442.1608454412

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js(Line 1) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ams.creativecdn.com
arnalyze.net
bedrapiona.com
berkas.co
bidswitch-eu.splicky.com
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
iclickcdn.com
inabsolor.com
inpagepush.com
jsc.mgid.com
littlecdn.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
my.rtmark.net
o.wowreality.info
onmarshtompor.com
onstunkyr.com
paste.co.id
rtb-usw.mfadsrvr.com
s-img.mgid.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
static.cdnativepush.com
static.lalaping.com
stats.g.doubleclick.net
visitor.omnitagjs.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.qrcoder.co.uk
x.bidswitch.net
arnalyze.net
103.16.198.218
104.108.50.124
104.16.199.73
104.19.133.78
104.19.217.61
109.203.125.88
139.45.195.150
139.45.195.167
139.45.195.254
139.45.195.26
139.45.196.145
139.45.196.58
139.45.197.174
139.45.197.8
139.45.197.9
173.249.18.21
184.30.212.16
185.184.8.30
185.255.84.153
2001:4de0:ac19::1:b:1b
209.197.3.15
216.58.206.2
2606:4700:10::6816:1974
2606:4700:20::681a:97b
2606:4700:20::681a:c76
2606:4700::6810:125e
2a00:1450:4001:802::200a
2a00:1450:4001:808::2008
2a00:1450:4001:817::2003
2a00:1450:4001:81e::2003
2a00:1450:4001:820::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c06::9c
35.212.212.222
5.189.137.168
52.210.128.165
52.57.142.16
94.130.165.158
008d5a9d53c757fadb7b3858ecdaa1f288bf20f9cb8baddc0a4d7babb2169369
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0fcc185ecfb2dc1fbc55679e535adad1f14f85237cb5554191cce2b03aabcf33
12b92a2cb05cfef66c4ada6dc0cb92b1956ce9dfb293e8c718b74a0b0f8939e2
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18a913854b54818b519dff959551e5ac616139c13606451764dfebe4f4f4f118
1aee39e40258b43c29cb453d9bb7d815479ac3d9b2df3087e8fadbf470a0ae38
1b9568a17b484886bad87a7eaac4ca134c9734778488fd262b39655b8633f9e8
1e38b415c34bc287e5f207b929aa1a732dcc1fc58e757a7f077719a84d7c059c
1ec4f33a819d2ab1d60083ad39001db95d42d8ac4dcdea6cd04f9596e1f76171
23d804e3ff30dbe5814c7efc5138ebea5099cee70b763b7364002ac1f35f7b34
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4
297eaefaf0ed3f4224de66e7d92b62243f5e0ceabdb808b0028704da08dd96d8
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2a39e2091b1e04f2d351356646395d63a9f323bfb7ba49a314774eb085607017
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31bef18aa5a9a46783ef5c364f077f44c4d94c5a4eed063fb272bfe80df9f06b
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
3a65a8068c1f96e196b8917aebe0f81fd6992d25c93a3c078fc210ba028a1234
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc13c767b7963f267b67ec4717e808acf3e5770339524e395b35cc5b37b8d78
532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
575e5bb25edbc2c879d546f4ca84ac30fdb765bd2db95669c6985aab5a8ebc7e
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09
5fc463d4a569ad548983d99f47dcd275745874c31f4e3e453bfabdf59f774ad5
632ff4e9d0f0c23cb67fc572bef0757dd673bdc86a1d9694518526396db49a2c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7f8897536cff787a749e4db3b660d522b975131082b36bf20d32df5675aa1f
6d85189d6bb0bbafeab584b658483689630c0393c3be7f1bae6d2673c0957160
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7eb84b4b39afcd866ccd0b40d7178ce621d52e2a1402a6b894f85b7d99e9890d
80c617a07b4d70a5989a62e6e2c7e20b5806187205d05eb352c2042c9dd59669
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
842189b0542964f3825773074767873c976637fecfe2568cea8ee7eb24dad54e
842c89903975bfecf512ac0871a9d2059f065fa9ff54eb42fea2369a1e2c23e2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8524cc6c0dd85347ce92adcb05b981311036f0d461f57cb2fc118c1aa97eddcf
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
859f45a84a707d879f1e44356846bb1ebb761a2aca1c32a316c8cf32e349debc
85c83914174e7f58595d0e03234330a4dc21c7acd0a06197482c38ed4f39f278
862887b8e94ba6d80cd369cc81c7c3c68f6a292668260a98239cb6a361c42e62
88d7e15ac7d9f6571cbb281bae8ab485a523782791509617aefd2df41665d150
89c715bab749f2438367b405207f80871f7df7d1d429fed4f6d103344759c8ed
8a9d4a2785cd091c356b4bfafef2f515cbc1cc985444f427443f42ef20138f02
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
949f6a3e065b5cc8f4cd059adf4c6bfccb1cace57707636a3e5d64ffaf83135c
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a53936ae5d81bd099d88181c84c3860e1f855af14a60a111f933face36e77e7e
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b94380f7876d7d1dc2a2f41bb763a299aeb5cc8899060c1e37d7113f6e7dfb0c
bde6e36165c39af1cd701fa09a2652dcd419e61f085939d357445e07c7c0dcd7
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c9f2f1c084ed8d5dbcde6923a4d7cc1287332e7628c4f0545c409b3552596484
cf1562c77987e7f1708ac3c6fdf7604f8c8169df061f89d9c7daeaafc1990f5f
cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d4ffe14c1b94027bdbbbd93eabd9a7c6f4a14dd13f4aea53632e8f47b7de1ab7
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2eba15eb8245896d2083fcffa94c68d1b1a0a292c2235f8ec4f75e867121255
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eac7590b017690e12746846c2498d60c1d205bf7006236c21df207bfee4a5d48
ee049a89f3aabde3405558eab906101654c6ea3c4deaaa8efa7af826ccff1d81
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d2fff7330777865db60662cacd85824bc584202657102ce7f2ee4337f09411
f6cb2c4c9c079acc6d20bb301334911ce189df64c8db2efb2ea1b99df30f206c
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

paste.co.id Open in urlscan Pro 5.189.137.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

138 Requests

99 %HTTPS

32 %IPv6

35 Domains

43 Subdomains

32 IPs

10 Countries

1439 kBTransfer

3495 kBSize

7 Cookies

24 Outgoing links

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

99 %
HTTPS

32 %
IPv6

35
Domains

43
Subdomains

32
IPs

10
Countries

1439 kB
Transfer

3495 kB
Size

7
Cookies

138 HTTP transactions
3 data transactions