paste.co.id Open in urlscan Pro
2606:4700:3036::681f:4fc2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://paste.co.id/ov9XRXMot8
Effective URL:
https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6m...
Submission: On May 31 via api (May 31st 2020, 12:12:03 am UTC) from US

Summary HTTP 84 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 22 IPs in 8 countries across 28 domains to perform 84 HTTP transactions. The main IP is 2606:4700:3036::681f:4fc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is paste.co.id.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 8th 2020. Valid for: 7 months.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:303... 2606:4700:3036::681f:4fc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
17	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	173.254.207.118 173.254.207.118	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
3	35.190.91.111 35.190.91.111	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1 3	104.111.214.103 104.111.214.103	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	178.63.78.76 178.63.78.76	24940 (HETZNER-AS) (HETZNER-AS)
2 2	34.252.111.25 34.252.111.25	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
1	23.105.245.5 23.105.245.5	7979 (SERVERS) (SERVERS)
2 2	35.212.212.222 35.212.212.222	19527 (GOOGLE-2) (GOOGLE-2)
1 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	52.28.147.164 52.28.147.164	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.190.97 18.185.190.97	16509 (AMAZON-02) (AMAZON-02)
1	63.33.106.135 63.33.106.135	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS) (SERVERS)
1 1	23.105.254.92 23.105.254.92	7979 (SERVERS) (SERVERS)
1	216.58.206.6 216.58.206.6	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
84	22

24 2606:4700:3036::681f:4fc2 (United States)

ASN13335 (CLOUDFLARENET, US)

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.254.207.118 (Los Angeles, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: 173.254.207.118.ip.rhzahra.com

idnovel.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.91.111 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 111.91.190.35.bc.googleusercontent.com

lovelydrum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.214.103 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.63.78.76 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.76.78.63.178.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.111.25 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-111-25.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.5 (Russian Federation)

ASN7979 (SERVERS, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.212.212.222 (Mountain View, United States) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 222.212.212.35.bc.googleusercontent.com

rtb-usw.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 1 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.28.147.164 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-147-164.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.190.97 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-190-97.eu-central-1.compute.amazonaws.com

prod.perf-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.106.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-106-135.eu-west-1.compute.amazonaws.com

s.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.254.92 (Russian Federation) 1 redirects

ASN7979 (SERVERS, US)
PTR: mixer.mixmarket.biz

udata.mixmarket.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.6 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	paste.co.id paste.co.id	452 KB
17	mgid.com jsc.mgid.com servicer.mgid.com cm.mgid.com cdn.mgid.com s-img.mgid.com c.mgid.com	67 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	2 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	133 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
4	gstatic.com fonts.gstatic.com	42 KB
4	cloudflare.com cdnjs.cloudflare.com	52 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	lovelydrum.com lovelydrum.com	28 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	934 B
2	perf-serving.com 2 redirects prod.perf-serving.com	1 KB
2	creativecdn.com 1 redirects creativecdn.com ams.creativecdn.com	688 B
2	mfadsrvr.com 2 redirects rtb-usw.mfadsrvr.com	740 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	google.com 1 redirects adservice.google.com www.google.com	1 KB
2	google.de adservice.google.de www.google.de	1 KB
2	idnovel.co.id idnovel.co.id	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	mixmarket.biz 1 redirects udata.mixmarket.biz	207 B
1	pubmine.com s.pubmine.com	366 B
1	idealmedia.io cm.idealmedia.io	556 B
1	lentainform.com cm.lentainform.com	329 B
1	loopme.me 1 redirects csync.loopme.me	191 B
1	googletagservices.com www.googletagservices.com	27 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
84	28

	Domain	Requested by
24	paste.co.id	paste.co.id
9	cm.mgid.com	jsc.mgid.com paste.co.id
5	x.bidswitch.net	5 redirects
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	s-img.mgid.com	paste.co.id
4	fonts.gstatic.com	www.googletagservices.com jsc.mgid.com
4	pagead2.googlesyndication.com	paste.co.id pagead2.googlesyndication.com
4	cdnjs.cloudflare.com	paste.co.id
3	tpc.googlesyndication.com	lovelydrum.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com paste.co.id
3	lovelydrum.com	paste.co.id lovelydrum.com
2	ads.betweendigital.com	2 redirects
2	prod.perf-serving.com	2 redirects
2	rtb-usw.mfadsrvr.com	2 redirects
2	match.adsrvr.org	2 redirects
2	fonts.googleapis.com	jsc.mgid.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	idnovel.co.id	paste.co.id
2	maxcdn.bootstrapcdn.com	paste.co.id
1	c.mgid.com
1	ad.doubleclick.net	lovelydrum.com
1	udata.mixmarket.biz	1 redirects
1	s.pubmine.com	paste.co.id
1	cm.idealmedia.io	paste.co.id
1	ams.creativecdn.com	paste.co.id
1	creativecdn.com	1 redirects
1	cm.lentainform.com	paste.co.id
1	cm.g.doubleclick.net	1 redirects
1	eus.rubiconproject.com	paste.co.id
1	secure-assets.rubiconproject.com	1 redirects
1	csync.loopme.me	1 redirects
1	cdn.mgid.com	paste.co.id
1	servicer.mgid.com	jsc.mgid.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	www.google.de	paste.co.id
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	jsc.mgid.com	paste.co.id
1	www.googletagmanager.com	paste.co.id
84	41

This site contains links to these domains. Also see Links.

Domain
nac.ge
widgets.mgid.com
www.mgid.com
www.facebook.com
instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-08` - `2020-10-09`	7 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
idnovel.co.id Let's Encrypt Authority X3	`2020-03-28` - `2020-06-26`	3 months	crt.sh
lovelydrum.com Let's Encrypt Authority X3	`2020-05-08` - `2020-08-06`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
s.pubmine.com Go Daddy Secure Certificate Authority - G2	`2017-11-01` - `2020-11-01`	3 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Frame ID: 93FBC5A27B3484F2D6DD11AA62297D55
Requests: 78 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/zrt_lookup.html
Frame ID: 6B9907464DF44CE66D2DEABABA007C4F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1590883897&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590883897133&bpp=11&bdt=237&idt=135&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7600763792420&frm=20&pv=2&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=150612520&dssz=21&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=149
Frame ID: BC98F96311BAB3912B0A3BEA084861FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=2347387144&w=840&fwrn=4&fwrnh=100&lmt=1590883897&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590883897147&bpp=4&bdt=251&idt=140&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7600763792420&frm=20&pv=1&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=2298096168&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z9vnT9bDCb&p=https%3A//paste.co.id&dtd=146
Frame ID: 5F2DB7A368C514EFA0D309DCB83AD729
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=3360776472&w=840&fwrn=4&fwrnh=100&lmt=1590883897&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590883897151&bpp=1&bdt=255&idt=156&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280&nras=1&correlator=7600763792420&frm=20&pv=1&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=2298096168&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wxkaWbB8Pn&p=https%3A//paste.co.id&dtd=160
Frame ID: 89B4CCE8A5FFF2F952E5FA5D5CFCF3C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=600&slotname=3374289680&adk=1935312948&adf=64888922&w=255&fwrn=4&fwrnh=100&lmt=1590883897&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=255x600&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1590883897152&bpp=1&bdt=255&idt=168&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280%2C840x280&nras=1&correlator=7600763792420&frm=20&pv=1&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=2298096168&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BsM751C5Ua&p=https%3A//paste.co.id&dtd=171
Frame ID: 696CAE6FA53113EC065E7161A2BD640F
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1590883897580260791395
Frame ID: A96D118DC456C53B800A425033AB9B38
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 10C2535F5F60DD71C17CBCB1C6354360
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: F6082C2FE4C0423C8557756FBAE4F19B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://paste.co.id/ov9XRXMot8 Page URL
https://paste.co.id/ov9XRXMot8 Page URL
https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

84
Requests

100 %
HTTPS

42 %
IPv6

28
Domains

41
Subdomains

22
IPs

8
Countries

944 kB
Transfer

2438 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://nac.ge/watch/RLYBda9tt3Zgh6n
Title: https://nac.ge/watch/RLYBda9tt3Zgh6n

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=914924

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/2541037/i/126987/0/pp/1/1?h=iOcwoNZvHHIRPyaY6h9SauqqWuTw9Y2_f3rmHvhWJ13yEZakEiLCSff-XP4egS-K&rid=4b68364f-a2d3-11ea-9ed9-d094662f8ab5&ts=paste.co.id&tt=Referral&cpm=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/2872122/i/126987/0/pp/2/1?h=l31Ds0C9r2S8y87WfMdZgq58NzY3YgEc6NWmxgx5h7g6F1VpL5m_qQ1UZbs9ZzKt&rid=4b68364f-a2d3-11ea-9ed9-d094662f8ab5&ts=paste.co.id&tt=Referral&cpm=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/2540692/i/126987/0/pp/3/1?h=MaXZYkytSnyCq_NVtCaAd3tn86ecGcrH28Jv2Hiv6JRtt0YHT4QKUQlmtp9RzT3p&rid=4b68364f-a2d3-11ea-9ed9-d094662f8ab5&ts=paste.co.id&tt=Referral&cpm=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4889660/i/126987/0/pp/4/1?h=0bFlcU_FjQU0e6KonLGDDbL2IkMsuw8tC86Yow_KIwLrsLilfyl15PT9L1uT76E3&rid=4b68364f-a2d3-11ea-9ed9-d094662f8ab5&ts=paste.co.id&tt=Referral&cpm=1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/detroit.co.id
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/detroit.co.id
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://paste.co.id/ov9XRXMot8 Page URL
https://paste.co.id/ov9XRXMot8 Page URL
https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1984283564&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&ul=en-us&de=UTF-8&dt=Untitled%20-%20Paste.co.id%20-%20%231%20paste%20tool%20indonesia!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=244878198&gjid=950457729&cid=1740415651.1590883897&tid=UA-137362802-1&_gid=1198945752.1590883897&_r=1&gtm=2ou5k1&z=2114275356 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137362802-1&cid=1740415651.1590883897&jid=244878198&_gid=1198945752.1590883897&gjid=950457729&_v=j82&z=2114275356 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1740415651.1590883897&jid=244878198&_v=j82&z=2114275356 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1740415651.1590883897&jid=244878198&_v=j82&z=2114275356&slf_rd=1&random=3831132758

Request Chain 64

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D HTTP 307
https://cm.mgid.com/m?cdsp=433143&c=9ea46cdf-dcc2-4beb-a66f-6457207a49e8

Request Chain 65

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=b3107dd3-17ae-46fd-af49-d64a3975d1e8&ttl=1593475898

Request Chain 66

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 302
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azR1QmtUaVBleWJo&muidn=k4uBkTiPeybh HTTP 302
https://cm.mgid.com/google?muidn=k4uBkTiPeybh&google_ula={guid},5&google_gid=CAESEGex1eNdBwvOqfXGZE8oo-8&google_cver=1

Request Chain 69

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=287839&c=083c4029-923d-4f57-b6b5-05d8314df690

Request Chain 70

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1

Request Chain 72

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=68a0054c-69b0-49b4-89d3-436a83ebabda&ssp=mgid&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=ad873f53-ebba-46ee-9962-8bdcc62936bf

Request Chain 73

https://x.bidswitch.net/sync?dsp_id=303&user_id=k4uBkTiPeybh HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k4uBkTiPeybh HTTP 302
https://s.pubmine.com/match?bidder_id=1&external_user_id=ad873f53-ebba-46ee-9962-8bdcc62936bf&ssp_data=&gdpr=&gdpr_consent=

Request Chain 74

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://cm.mgid.com/m?cdsp=501036&c=667f9f48-590a-5298-92a1-6d7dcc739b47

Request Chain 75

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID HTTP 301
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

Request Chain 76

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1590883897959&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id%20-%20%231%20paste%20tool%20indonesia!&c7=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&c9=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8 HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590883897959&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id%20-%20%231%20paste%20tool%20indonesia!&c7=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&c9=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&cs_ak_ss=1

84 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 503 ov9XRXMot8 Show response
paste.co.id/ 9 KB
9 KB 56ms
25ms Document
text/html 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/ov9XRXMot8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e84a189cdca9f194b0bba2eeaa6216f383ae49d8d0d30916ceb6cf75be06779

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /ov9XRXMot8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 503
date: Sun, 31 May 2020 00:11:25 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da1d51f4716aea30e02240dbafb78feb21590883885; expires=Tue, 30-Jun-20 00:11:25 GMT; path=/; domain=.paste.co.id; HttpOnly; SameSite=Lax
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0309aabb4a00000bf976975200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 59bc7a3ed83c0bf9-AMS
alt-svc: h3-27=":443"; ma=86400

GET
H2 200 v1 Show response
paste.co.id/cdn-cgi/challenge-platform/orchestrate/jsch/ 59 KB
18 KB 428ms
427ms Script
text/javascript 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/challenge-platform/orchestrate/jsch/v1
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d0441dbf22e0e6728c313193d7f0bea2856d4fd0fe5eab5cba18a00749e01d8

Request headers

Referer: https://paste.co.id/ov9XRXMot8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:26 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cf-ray: 59bc7a3f18df0bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aabb7100000bf976979200000001

GET
H2 200 transparent.gif
paste.co.id/cdn-cgi/images/trace/jschal/js/nocookie/ 42 B
214 B 16ms
15ms Image
image/gif 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste.co.id/cdn-cgi/images/trace/jschal/js/nocookie/transparent.gif?ray=59bc7a3ed83c0bf9

Requested by

Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://paste.co.id/ov9XRXMot8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:25 GMT
last-modified: Tue, 26 May 2020 17:47:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ecd562a-2a"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 59bc7a3f18e10bf9-AMS
content-length: 42
cf-request-id: 0309aabb7100000bf97697a200000001
expires: Sun, 31 May 2020 02:11:25 GMT

GET
H2 200 transparent.gif
paste.co.id/cdn-cgi/images/trace/jschal/nojs/ 42 B
125 B 16ms
16ms Image
image/gif 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste.co.id/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=59bc7a3ed83c0bf9

Requested by

Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://paste.co.id/ov9XRXMot8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:25 GMT
last-modified: Tue, 26 May 2020 17:47:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ecd562a-2a"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 59bc7a3f18e30bf9-AMS
content-length: 42
cf-request-id: 0309aabb7100000bf97697b200000001
expires: Sun, 31 May 2020 02:11:25 GMT

POST
H2 200 bbcd09b20664804 Show response
paste.co.id/cdn-cgi/challenge-platform/generate/ov1/59bc7a3ed83c0bf9/ 38 KB
6 KB 64ms
63ms XHR
text/plain 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/challenge-platform/generate/ov1/59bc7a3ed83c0bf9/bbcd09b20664804
Requested by: Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/challenge-platform/orchestrate/jsch/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f2862c221a30cecd6f6a5b89a2e3d73352b9d831c2edb655940defa34210c1

Request headers

Referer: https://paste.co.id/ov9XRXMot8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge: bbcd09b20664804
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 31 May 2020 00:11:26 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
status: 200
cf-ray: 59bc7a41e8d90bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aabd3100000bf9769a6200000001

POST
H2 200 bbcd09b20664804 Show response
paste.co.id/cdn-cgi/challenge-platform/generate/ov1/59bc7a3ed83c0bf9/ 979 B
552 B 80ms
79ms XHR
text/plain 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/challenge-platform/generate/ov1/59bc7a3ed83c0bf9/bbcd09b20664804
Requested by: Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/challenge-platform/orchestrate/jsch/v1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3918a483d183ab445ddc3cf0b10186a76ecf2fa71861d8001c4816277717449

Request headers

Referer: https://paste.co.id/ov9XRXMot8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
CF-Challenge: bbcd09b20664804
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 31 May 2020 00:11:26 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
status: 200
cf-ray: 59bc7a442e1f0bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aabe9a00000bf9769bf200000001

GET
H2 503 ov9XRXMot8 Show response
paste.co.id/ 13 KB
13 KB 16ms
15ms Document
text/html 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/ov9XRXMot8

Requested by

Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/challenge-platform/orchestrate/jsch/v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d3550a6db6dae442d64a04259a3e69b144ab614d072fe6a36a6d677151f070

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /ov9XRXMot8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://paste.co.id/ov9XRXMot8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/ov9XRXMot8

Response headers

status: 503
date: Sun, 31 May 2020 00:11:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3b5d03a23c580c91df0364e6d45863ad1590883890; expires=Tue, 30-Jun-20 00:11:30 GMT; path=/; domain=.paste.co.id; HttpOnly; SameSite=Lax
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cf-request-id: 0309aaccc700000bf976acb200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 59bc7a5adc8e0bf9-AMS
alt-svc: h3-27=":443"; ma=86400

GET
H2 200 transparent.gif
paste.co.id/cdn-cgi/images/trace/jschal/js/nocookie/ 42 B
148 B 13ms
12ms Image
image/gif 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste.co.id/cdn-cgi/images/trace/jschal/js/nocookie/transparent.gif?ray=59bc7a5adc8e0bf9

Requested by

Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://paste.co.id/ov9XRXMot8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:30 GMT
last-modified: Tue, 26 May 2020 17:47:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ecd562a-2a"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 59bc7a5afcfc0bf9-AMS
content-length: 42
cf-request-id: 0309aaccdf00000bf976acd200000001
expires: Sun, 31 May 2020 02:11:30 GMT

GET
H2 200 transparent.gif
paste.co.id/cdn-cgi/images/trace/jschal/nojs/ 42 B
124 B 13ms
13ms Image
image/gif 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste.co.id/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=59bc7a5adc8e0bf9

Requested by

Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://paste.co.id/ov9XRXMot8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:30 GMT
last-modified: Tue, 26 May 2020 17:47:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5ecd562a-2a"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 59bc7a5b0d010bf9-AMS
content-length: 42
cf-request-id: 0309aacce000000bf976ace200000001
expires: Sun, 31 May 2020 02:11:30 GMT

POST
H2 200 Primary Request ov9XRXMot8 Show response
paste.co.id/ 25 KB
8 KB 2413ms
2412ms Document
text/html 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.6 PleskLin
Resource Hash: 7b79c6b06361304deb41925d705021c57901827087727ca9db7d1d1230254ac4

Request headers

:method: POST
:authority: paste.co.id
:scheme: https
:path: /ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
content-length: 1609
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://paste.co.id
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://paste.co.id/ov9XRXMot8
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://paste.co.id
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/ov9XRXMot8

Response headers

status: 200
date: Sun, 31 May 2020 00:11:36 GMT
content-type: text/html; charset=UTF-8
set-cookie: cf_clearance=d609d9770969b3a4c3a41b6a43efe12fe8c570eb-1590883894-0-150; path=/; expires=Mon, 01-Jun-20 01:11:34 GMT; domain=.paste.co.id; HttpOnly; Secure; SameSite=None __cfduid=d47d0f8cd2989063a64cfe94ffbf29a441590883894; expires=Tue, 30-Jun-20 00:11:34 GMT; path=/; domain=.paste.co.id; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6IlhLR3o3MHBITnhcL2pPK1dcL1ZwdUF2Zz09IiwidmFsdWUiOiJIY211NkF2dk1iOVlLbis4c1dBWDBlTTlXcmliQkZzTVhqUmlBSmVUN09zZUtZdk45T3h4bnNDMTR5Rnl4UTVQIiwibWFjIjoiMmUxYTEzNDI5OTljNjU3YTczNjI5YzQ0OThmNGMyMzBlN2ZiOWJjZjI3NmUwZmM4NWI5YWM3ZTNkNjZmYzEwNSJ9; expires=Sun, 31-May-2020 02:11:36 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6ImpmcW1vTFROd2FsbDZRR3BGWWlTWGc9PSIsInZhbHVlIjoiVFZDa0x6czVGU3pUMTVQd1hWZ0tncXl1a2FZRjR0a1FyZnJocHYxb1k4QmFjQTRhdzBwcER4cFY3TnFTT3IwQSIsIm1hYyI6IjUzZDRkODBhZmNmYWUzMzFkM2ExMzBmNDFiMGViN2VlNDM3YmQ3OTc5MzZmYjlhMzk1NTVjNmE5YjU5MGI5Y2IifQ%3D%3D; expires=Sun, 31-May-2020 02:11:36 GMT; Max-Age=7200; path=/; httponly
x-powered-by: PHP/7.4.6 PleskLin
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
cf-cache-status: DYNAMIC
cf-request-id: 0309aadcd500000bf976bd3200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59bc7a7488180bf9-AMS
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400

GET
H2 200 2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js Show response
paste.co.id/cdn-cgi/apps/head/ 15 KB
5 KB 25ms
23ms Script
application/javascript 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748851c4d2e38c4f7587afb6b6e54dfc26e7329018d27911115f1840e251d4a8

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 4341162
status: 200
alt-svc: h3-27=":443"; ma=86400
x-amz-request-id: 60D5ADD3AAF153CE
x-amz-id-2: 5KlQn7lkJ+7Cd/T1/UFz61D+77lSy+Cq/BopAa6H/jjQl8XyBokFmzEA00ALsUncI6k0dSb23yg=
last-modified: Thu, 09 Apr 2020 07:01:53 GMT
server: cloudflare
etag: W/"b41983019dc124823e0cbe364e0a102d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: FzzEO.YKJ_vU2aF7romPpg.vx2TIcrhF
cf-request-id: 0309aae65200000bf9768c9200000001
cf-ray: 59bc7a83bbaf0bf9-AMS

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 64ms
43ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 bootstrap.min.css
paste.co.id/css/ 138 KB
19 KB 116ms
114ms Stylesheet
text/css 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5be3fe96-22688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 59bc7a83bba70bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae65200000bf9768c5200000001

GET
H2 200 mdb.min.css
paste.co.id/css/ 226 KB
23 KB 109ms
107ms Stylesheet
text/css 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5be3fe96-38940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 59bc7a83bba90bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae65200000bf9768c6200000001

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 28ms
27ms Stylesheet
text/css 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1970430
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae6500000bf3ce00a0200000001
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:42 GMT
server: cloudflare
etag: W/"5afd4ad2-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59bc7a83be14bf3c-AMS
expires: Fri, 21 May 2021 00:11:36 GMT

GET
H2 200 style.min.css
paste.co.id/css/ 3 KB
1 KB 91ms
90ms Stylesheet
text/css 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/style.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 59d3b0f41ff8ed0ab160bbe4df8c72cfcbd729ee6e97f23c1a8ff1913b78ad52

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:36 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 29 Mar 2020 14:37:15 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5e80b29b-b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 59bc7a83bbaa0bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae65200000bf9768c7200000001

GET
H2 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
3 KB 92ms
91ms Stylesheet
text/css 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:36 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Jan 2019 16:43:52 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5c5082c8-326d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 59bc7a83bbac0bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae65200000bf9768c8200000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
39 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65a16525e945d83037208cb592c0b118ff52787f4ce0f947a4cdee1ccded2123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 39264
x-xss-protection: 0
server: cafe
etag: 9715404142784001149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 31 May 2020 00:11:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 22ms
19ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8dfb89df4c51a4b18b50df85c0e0b715cb433dcb738e0632b8b52fd71a748d6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33190
x-xss-protection: 0
expires: Sun, 31 May 2020 00:11:37 GMT

GET
H2 200 KX3CTmWGGs.png
paste.co.id/uploads/ 5 KB
5 KB 95ms
93ms Image
image/png 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/uploads/KX3CTmWGGs.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bf8eeec0243213e8b5d4caf858a57977c915a8d8b004991ba9260603d2c0d920

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
cf-cache-status: REVALIDATED
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 4938
cf-request-id: 0309aae6d500000bf9768d3200000001
last-modified: Mon, 25 Feb 2019 12:32:06 GMT
server: cloudflare
etag: "5c73e046-134a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 59bc7a848da30bf9-AMS

GET
H2 503 default-avatar.png
paste.co.id/img/ 9 KB
9 KB 16ms
16ms Image
text/html 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paste.co.id/img/default-avatar.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0c7e56009835b540c4d2e3d9aa847180d6ff489098c92fdea26cc77bb08325

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 503
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 59bc7a84ee6e0bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae71300000bf9768d9200000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 paste.co.id.914924.js Show response
jsc.mgid.com/p/a/ 137 KB
37 KB 262ms
187ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61d4c7a33c2e0042655468d3351e76a84b939a97e79adb00bae443400bba3d4c

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 0745E79E8748DB5C
cf-polished: origSize=139961
status: 200
last-modified: Sat, 30 May 2020 14:33:51 GMT
alt-svc: h3-27=":443"; ma=86400
x-amz-id-2: pf12J+z7Um9Hk2EHQZxPZbViryt/Ex/9niscth6H7RL4USfkD+dBViLB1caq5UTeW9UnJh4T7Xs=
cf-bgj: minify
server: cloudflare
etag: W/"82b3d8a88219df952c6396b5803a5578"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 0309aae7370000cda3cc024200000001
cf-ray: 59bc7a852c49cda3-CDG
expires: Sun, 31 May 2020 01:11:37 GMT

GET
H2 200 wp-embed.min.js Show response
idnovel.co.id/wp-includes/js/ 1 KB
1 KB 619ms
164ms Script
application/javascript 173.254.207.118
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://idnovel.co.id/wp-includes/js/wp-embed.min.js?ver=5.3.2
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.254.207.118 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 173.254.207.118.ip.rhzahra.com
Software: Nginx / VPSSIM
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: gzip
last-modified: Sun, 17 May 2020 17:44:02 GMT
server: Nginx
x-powered-by: VPSSIM
etag: W/"5ec177e2-59a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
expires: Tue, 30 Jun 2020 00:11:37 GMT

GET
H2 200 advertisement.js Show response
idnovel.co.id/wp-content/themes/MegumiNovelV2/lib/js/ 22 B
269 B 611ms
165ms Script
application/javascript 173.254.207.118
ASN-QUADRANET-GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://idnovel.co.id/wp-content/themes/MegumiNovelV2/lib/js/advertisement.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.254.207.118 Los Angeles, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US),
Reverse DNS: 173.254.207.118.ip.rhzahra.com
Software: Nginx / VPSSIM
Resource Hash: 4f1f346b33b799d894518a419e5320c710dcfda41c35a171cc8baa4e08439c11

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
last-modified: Fri, 27 Mar 2020 21:03:09 GMT
server: Nginx
x-powered-by: VPSSIM
etag: "5e7e6a0d-16"
content-type: application/javascript
status: 200
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 22
expires: Tue, 30 Jun 2020 00:11:37 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
29 KB 25ms
21ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 424121
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae6d40000bf3ce00a9200000001
served-in-seconds: 0.004
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:15 GMT
server: cloudflare
etag: W/"5afd494f-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59bc7a848e7dbf3c-AMS
expires: Fri, 21 May 2021 00:11:37 GMT

GET
H2 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 95ms
91ms Script
application/javascript 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5be3fe96-c75f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 59bc7a848d9f0bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae6d500000bf9768d0200000001

GET
H2 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
60 KB 112ms
109ms Script
application/javascript 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 29 Jan 2019 16:15:46 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5c507c32-331d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 59bc7a848da10bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae6d500000bf9768d1200000001

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
17 KB 27ms
25ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 422564
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae6d40000bf3ce00aa200000001
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:42 GMT
server: cloudflare
etag: W/"5afd4ad2-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59bc7a848e7ebf3c-AMS
expires: Fri, 21 May 2021 00:11:37 GMT

GET
H2 200 prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
114 KB 111ms
108ms Script
application/javascript 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 24 Nov 2018 11:17:38 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5bf93352-521a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 59bc7a848da20bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae6d500000bf9768d2200000001

GET
H2 200 99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add Show response
lovelydrum.com/ 89 KB
28 KB 354ms
239ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Requested by

Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

462134860ae0129389d8e469de5ac84e245dd53bcd68fea751998d3cf4894e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "5c818401f0709bc7df75ffebdc0fc0be1515b8054c2e3ae55c8adbfba852c4d4"
vary: Accept-Encoding, Accept-Language
x-hostname: george
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Sun, 31 May 2020 00:11:37 GMT
timing-allow-origin: *

GET
H2 503 ODDUj0AVpwTFCkac0C-t0V4Mg-4.js
paste.co.id/cdn-cgi/apps/body/ 0
0 18ms
17ms Script
text/html 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/cdn-cgi/apps/body/ODDUj0AVpwTFCkac0C-t0V4Mg-4.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 503
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 59bc7a851ed80bf9-AMS
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aae73300000bf9768da200000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 22ms
20ms Font
font/woff2 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://paste.co.id

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 101ms
100ms Font
font/woff2 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
cf-cache-status: REVALIDATED
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 49236
cf-request-id: 0309aae6e700000bf9768d5200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: "5be3fe96-c054"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 59bc7a84ade40bf9-AMS

GET
H2 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 106ms
104ms Font
font/woff2 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
cf-cache-status: REVALIDATED
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 49380
cf-request-id: 0309aae6e700000bf9768d6200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: "5be3fe96-c0e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 59bc7a84ade80bf9-AMS

GET
H2 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 125ms
124ms Font
font/woff2 2606:4700:3036::681f:4fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:4fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/css/mdb.min.css
Origin: https://paste.co.id

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
cf-cache-status: REVALIDATED
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 49976
cf-request-id: 0309aae6e700000bf9768d7200000001
last-modified: Thu, 08 Nov 2018 09:15:02 GMT
server: cloudflare
etag: "5be3fe96-c338"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 59bc7a84ade90bf9-AMS

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
952 B 42ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
952 B 42ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/ 218 KB
82 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f78ab01c230d1137acf6ddd944b8c74ca55fc21f93495c875a21428e4d2c0408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 83908
x-xss-protection: 0
server: cafe
etag: 18422230976395592926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 May 2020 00:11:37 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/ Frame 6B99 0
0 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200526/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200526/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 26 May 2020 23:49:31 GMT
expires: Tue, 09 Jun 2020 23:49:31 GMT
content-type: text/html; charset=UTF-8
etag: 17826495148367054107
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4284
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 346926
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 5582
date: Sat, 30 May 2020 22:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Sun, 31 May 2020 00:38:35 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1984283564&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-137362802-1&cid=1740415651.1590883897&jid=244878198&_gid=1198945752.1590883897&gjid=950457729&_v=j82&z=2114275356
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1740415651.1590883897&jid=244878198&_v=j82&z=2114275356
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1740415651.1590883897&jid=244878198&_v=j82&z=2114275356&slf_rd=1&random=3831132758

42 B
106 B

17ms
16ms

Image
image/gif

2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1740415651.1590883897&jid=244878198&_v=j82&z=2114275356&slf_rd=1&random=3831132758

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:37 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-137362802-1&cid=1740415651.1590883897&jid=244878198&_v=j82&z=2114275356&slf_rd=1&random=3831132758
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame BC98 0
0 69ms
69ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1590883897&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590883897133&bpp=11&bdt=237&idt=135&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7600763792420&frm=20&pv=2&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=150612520&dssz=21&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=149

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1590883897&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1590883897133&bpp=11&bdt=237&idt=135&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7600763792420&frm=20&pv=2&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=150612520&dssz=21&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=149
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 31 May 2020 00:11:37 GMT
server: cafe
content-length: 528
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 31-May-2020 00:26:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 May 2020 00:11:37 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26ab1f3d53089825fd05700e5518ee60a7ff1290d07fbb4ad5b07b4ac4953685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1590752365362815"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27673
x-xss-protection: 0
expires: Sun, 31 May 2020 00:11:37 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5F2D 0
0 82ms
81ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=2347387144&w=840&fwrn=4&fwrnh=100&lmt=1590883897&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590883897147&bpp=4&bdt=251&idt=140&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7600763792420&frm=20&pv=1&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=2298096168&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z9vnT9bDCb&p=https%3A//paste.co.id&dtd=146

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=2347387144&w=840&fwrn=4&fwrnh=100&lmt=1590883897&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590883897147&bpp=4&bdt=251&idt=140&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7600763792420&frm=20&pv=1&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=2298096168&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=77&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z9vnT9bDCb&p=https%3A//paste.co.id&dtd=146
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 31 May 2020 00:11:37 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 31-May-2020 00:26:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 May 2020 00:11:37 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 89B4 0
0 54ms
53ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=3360776472&w=840&fwrn=4&fwrnh=100&lmt=1590883897&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590883897151&bpp=1&bdt=255&idt=156&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280&nras=1&correlator=7600763792420&frm=20&pv=1&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=2298096168&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wxkaWbB8Pn&p=https%3A//paste.co.id&dtd=160

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&slotname=3374289680&adk=2423028384&adf=3360776472&w=840&fwrn=4&fwrnh=100&lmt=1590883897&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=840x280&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&adsid=NT&dt=1590883897151&bpp=1&bdt=255&idt=156&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280&nras=1&correlator=7600763792420&frm=20&pv=1&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=2298096168&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=238&ady=1099&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wxkaWbB8Pn&p=https%3A//paste.co.id&dtd=160
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 31 May 2020 00:11:37 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 31-May-2020 00:26:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 May 2020 00:11:37 GMT
cache-control: private

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 696C 0
0 91ms
91ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=600&slotname=3374289680&adk=1935312948&adf=64888922&w=255&fwrn=4&fwrnh=100&lmt=1590883897&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=255x600&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1590883897152&bpp=1&bdt=255&idt=168&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280%2C840x280&nras=1&correlator=7600763792420&frm=20&pv=1&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=2298096168&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BsM751C5Ua&p=https%3A//paste.co.id&dtd=171

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=600&slotname=3374289680&adk=1935312948&adf=64888922&w=255&fwrn=4&fwrnh=100&lmt=1590883897&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=255x600&url=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&adsid=NT&dt=1590883897152&bpp=1&bdt=255&idt=168&shv=r20200526&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C840x280%2C840x280&nras=1&correlator=7600763792420&frm=20&pv=1&ga_vid=1740415651.1590883897&ga_sid=1590883897&ga_hid=1984283564&ga_fc=0&iag=0&icsg=2298096168&dssz=22&mdo=0&mso=0&u_tz=120&u_his=3&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1123&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066085%2C26835105&oid=3&pvsid=3473647965173534&pem=733&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=8336&bc=31&ifi=3&uci=a!3&fsb=1&xpc=BsM751C5Ua&p=https%3A//paste.co.id&dtd=171
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 31 May 2020 00:11:37 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 31-May-2020 00:26:37 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 May 2020 00:11:37 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 20ms
18ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 31 May 2020 00:11:37 GMT
server: ESF
date: Sun, 31 May 2020 00:11:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 May 2020 00:11:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
670 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:815::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 31 May 2020 00:11:37 GMT
server: ESF
date: Sun, 31 May 2020 00:11:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 May 2020 00:11:37 GMT

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f96c53b9b03f4b4ab67841c2ffd39ec588c945206edb5d8f6e7725859e29f69d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://paste.co.id

Response headers

date: Tue, 19 May 2020 23:49:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 951728
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 19 May 2021 23:49:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://paste.co.id

Response headers

date: Sun, 17 May 2020 05:16:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 1191331
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Mon, 17 May 2021 05:16:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Origin: https://paste.co.id

Response headers

date: Tue, 26 May 2020 05:53:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 411473
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Wed, 26 May 2021 05:53:44 GMT

GET
H2 200 1 Show response
servicer.mgid.com/914924/ 3 KB
1 KB 96ms
95ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/914924/1?w=844&h=207&cols=2&pv=5&cbuster=1590883897469732027352&uniqId=0e6af&niet=4g&nisd=false&ref=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&pr=paste.co.id&lu=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&pageView=1&pvid=1726811d07e9cfbbe4b&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5f8e722587df3b4210c83fbaaa149b7a56e738411eb52127f20757eaed3e848

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a873f2ccda3-CDG
content-type: application/x-javascript; charset=utf-8
cf-request-id: 0309aae8870000cda3cc02f200000001

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
792 B 94ms
92ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1590883897573566987870
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9797439b2c6652e70242c6b8710585cd957fb7725a36731a636997b8a1152467

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a87e840cda3-CDG
content-type: application/javascript
cf-request-id: 0309aae8ed0000cda3cc030200000001

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans
Origin: https://paste.co.id

Response headers

date: Fri, 15 May 2020 19:37:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1312474
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 15 May 2021 19:37:03 GMT

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame A96D 186 B
479 B 92ms
92ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1590883897580260791395
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a87e84ccda3-CDG
content-type: application/javascript
cf-request-id: 0309aae8f30000cda3cc031200000001

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 139ms
40ms Script
application/x-javascript 104.111.214.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 31 May 2020 00:11:37 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Mon, 01 Jun 2020 00:11:37 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 50ms
47ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 628
status: 200
alt-svc: h3-27=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 0309aae9040000cda3cc032200000001
cf-ray: 59bc7a880874cda3-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMjgvMjgwNTk1L2RiZjRjZGIxZmU4YzYxNWI5ODRiZWE3ZGI1OTkyZjc2LmpwZw**.webp
s-img.mgid.com/g/2541037/370x200/0x0x492x328/ 6 KB
6 KB 43ms
40ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/2541037/370x200/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMjgvMjgwNTk1L2RiZjRjZGIxZmU4YzYxNWI5ODRiZWE3ZGI1OTkyZjc2LmpwZw**.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f13a775c8523c714e8028ee7bcf9994a769000c592749d1bcc4e3e85012b6fe3

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
cf-cache-status: HIT
age: 3305901
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 6304
cf-request-id: 0309aae9050000cda3cc033200000001
last-modified: Mon, 10 Feb 2020 12:40:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 59bc7a880877cda3-CDG
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTAvMTIyODQ5L2RiNzVhMTIxNjY5ZGQ5YjBiY2VmNTFkZGYzZWE0MDhiLmpwZz90PTE1MzEyMTk5NDk5NTQ*.webp
s-img.mgid.com/g/2872122/370x200/0x0x492x328/ 8 KB
8 KB 48ms
45ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/2872122/370x200/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDctMTAvMTIyODQ5L2RiNzVhMTIxNjY5ZGQ5YjBiY2VmNTFkZGYzZWE0MDhiLmpwZz90PTE1MzEyMTk5NDk5NTQ*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f22a0ee403ba8e85265fb12041b9244e4e74609b2ab69df3bdf1d1684749a59a

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
cf-cache-status: HIT
age: 2633017
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 8386
cf-request-id: 0309aae9050000cda3cc036200000001
last-modified: Thu, 30 Apr 2020 12:44:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 59bc7a88087ccda3-CDG
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMjgvMjgwNTk0LzhhNmQ0NWU1NWIyNGYzMzIwZTc2YWU2ZjE5MDdmYTQyLmpwZw**.webp
s-img.mgid.com/g/2540692/370x200/0x0x492x328/ 5 KB
6 KB 45ms
42ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/2540692/370x200/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMTItMjgvMjgwNTk0LzhhNmQ0NWU1NWIyNGYzMzIwZTc2YWU2ZjE5MDdmYTQyLmpwZw**.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5123961588898531a8eec5f2e583151544233695bb39272df0c12f9986c14a35

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
cf-cache-status: HIT
age: 1344170
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 5540
cf-request-id: 0309aae9050000cda3cc035200000001
last-modified: Fri, 15 May 2020 10:48:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 59bc7a88087acda3-CDG

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDQ5MTUzLzE5ZWJhMDY3YjE4NjI0Mjk4NzZjMDBiNjFmYmE0MjMwLmpwZw**.webp
s-img.mgid.com/g/4889660/370x200/0x0x1045x696/ 4 KB
4 KB 41ms
38ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4889660/370x200/0x0x1045x696/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvNDQ5MTUzLzE5ZWJhMDY3YjE4NjI0Mjk4NzZjMDBiNjFmYmE0MjMwLmpwZw**.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9cb4e045ada573df597099cd67a844e80214f4049a0b15798d351c597649622

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
cf-cache-status: HIT
age: 206546
status: 200
alt-svc: h3-27=":443"; ma=86400
content-length: 3714
cf-request-id: 0309aae9050000cda3cc034200000001
last-modified: Thu, 28 May 2020 13:46:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 59bc7a880879cda3-CDG

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
3 KB 19ms
18ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6852940
status: 200
alt-svc: h3-27=":443"; ma=86400
cf-request-id: 0309aaea100000bf3ce00d2200000001
served-in-seconds: 0.003
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:18:33 GMT
server: cloudflare
etag: W/"5afd48e9-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 59bc7a89b939bf3c-AMS
expires: Fri, 21 May 2021 00:11:37 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D433143%26c%3D%7Bdevice_id%7D
https://cm.mgid.com/m?cdsp=433143&c=9ea46cdf-dcc2-4beb-a66f-6457207a49e8

43 B
197 B

91ms
91ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433143&c=9ea46cdf-dcc2-4beb-a66f-6457207a49e8
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a8c3ff5cda3-CDG
content-type: image/gif
cf-request-id: 0309aaeba60000cda3cc052200000001

Redirect headers

status: 307
date: Sun, 31 May 2020 00:11:38 GMT
content-length: 0
location: https://cm.mgid.com/m?cdsp=433143&c=9ea46cdf-dcc2-4beb-a66f-6457207a49e8

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=b3107dd3-17ae-46fd-af49-d64a3975d1e8&ttl=1593475898

43 B
189 B

92ms
92ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=b3107dd3-17ae-46fd-af49-d64a3975d1e8&ttl=1593475898
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a8b3e37cda3-CDG
content-type: image/gif
cf-request-id: 0309aaeb070000cda3cc049200000001

Redirect headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=b3107dd3-17ae-46fd-af49-d64a3975d1e8&ttl=1593475898
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

119ms
39ms

Image
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Sun, 31 May 2020 00:11:38 GMT
Access-Control-Allow-Credentials: true
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azR1QmtUaVBleWJo&muidn=k4uBkTiPeybh
https://cm.mgid.com/google?muidn=k4uBkTiPeybh&google_ula={guid},5&google_gid=CAESEGex1eNdBwvOqfXGZE8oo-8&google_cver=1

0
396 B

95ms
95ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k4uBkTiPeybh&google_ula={guid},5&google_gid=CAESEGex1eNdBwvOqfXGZE8oo-8&google_cver=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a8aed74cda3-CDG
content-type: text/plain
cf-request-id: 0309aaeacf0000cda3cc045200000001

Redirect headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k4uBkTiPeybh&google_ula={guid},5&google_gid=CAESEGex1eNdBwvOqfXGZE8oo-8&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
329 B 462ms
67ms Image
image/gif 23.105.245.5
SERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k4uBkTiPeybh
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.5 , Russian Federation, ASN7979 (SERVERS, US),
Reverse DNS
Software: nginx/1.15.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
server: nginx/1.15.10
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
https://cm.mgid.com/m?cdsp=287839&c=083c4029-923d-4f57-b6b5-05d8314df690

43 B
229 B

101ms
101ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=287839&c=083c4029-923d-4f57-b6b5-05d8314df690
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a8e5c15cda3-CDG
content-type: image/gif
cf-request-id: 0309aaecf50000cda3cc064200000001

Redirect headers

date: Sun, 31 May 2020 00:11:38 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: //cm.mgid.com/m?cdsp=287839&c=083c4029-923d-4f57-b6b5-05d8314df690
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H2

200

cm-notify
ams.creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1

42 B
252 B

32ms
31ms

Image
image/gif

185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT, Sun, 31 May 2020 00:11:38 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

status: 302
date: Sun, 31 May 2020 00:11:38 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
location: https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 178ms
97ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k4uBkTiPeybh
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a8acc50edb7-CDG
content-type: image/gif
cf-request-id: 0309aaeabb0000edb7340bd200000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=68a0054c-69b0-49b4-89d3-436a83ebabda&ssp=mgid&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=ad873f53-ebba-46ee-9962-8bdcc62936bf

43 B
229 B

92ms
92ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=ad873f53-ebba-46ee-9962-8bdcc62936bf
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a8e4be6cda3-CDG
content-type: image/gif
cf-request-id: 0309aaecea0000cda3cc063200000001

Redirect headers

status: 302
date: Sun, 31 May 2020 00:11:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=ad873f53-ebba-46ee-9962-8bdcc62936bf
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

match
s.pubmine.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k4uBkTiPeybh
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k4uBkTiPeybh
https://s.pubmine.com/match?bidder_id=1&external_user_id=ad873f53-ebba-46ee-9962-8bdcc62936bf&ssp_data=&gdpr=&gdpr_consent=

43 B
366 B

107ms
35ms

Image
image/gif

63.33.106.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=1&external_user_id=ad873f53-ebba-46ee-9962-8bdcc62936bf&ssp_data=&gdpr=&gdpr_consent=
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.33.106.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-106-135.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 31 May 2020 00:11:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif

Redirect headers

status: 302
date: Sun, 31 May 2020 00:11:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //s.pubmine.com/match?bidder_id=1&external_user_id=ad873f53-ebba-46ee-9962-8bdcc62936bf&ssp_data=&gdpr=&gdpr_consent=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43263&callback_url=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D501036%26c%3D%24%7BUSER_ID%7D&crf=1
https://cm.mgid.com/m?cdsp=501036&c=667f9f48-590a-5298-92a1-6d7dcc739b47

43 B
197 B

105ms
105ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501036&c=667f9f48-590a-5298-92a1-6d7dcc739b47
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a8c0f7acda3-CDG
content-type: image/gif
cf-request-id: 0309aaeb800000cda3cc04f200000001

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://cm.mgid.com/m?cdsp=501036&c=667f9f48-590a-5298-92a1-6d7dcc739b47

GET
H2

200

m
cm.mgid.com/ Frame A96D
Redirect Chain

https://udata.mixmarket.biz/tr.php?syncnet=28&cb=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D311971%26mode%3Dinverse%26c%3D%24UID
https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0

43 B
317 B

97ms
97ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a8d2971cda3-CDG
content-type: image/gif
cf-request-id: 0309aaec340000cda3cc059200000001

Redirect headers

Location: https://cm.mgid.com/m?cdsp=311971&mode=inverse&c=0
Date: Sun, 31 May 2020 00:11:38 GMT
Server: nginx/1.14.2
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1590883897959&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id%20-%20%231%20paste%20tool%20indonesia!&c7=https%3A%2F%2Fpaste.co.id%2F...
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590883897959&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id%20-%20%231%20paste%20tool%20indonesia!&c7=https%3A%2F%2Fpaste.co.id%2...

0
399 B

40ms
40ms

Image
text/plain

104.111.214.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590883897959&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id%20-%20%231%20paste%20tool%20indonesia!&c7=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&c9=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&cs_ak_ss=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 May 2020 00:11:38 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1590883897959&ns_c=UTF-8&cv=3.5&c8=Untitled%20-%20Paste.co.id%20-%20%231%20paste%20tool%20indonesia!&c7=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%3F__cf_chl_jschl_tk__%3D5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c&c9=https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8&cs_ak_ss=1
Pragma: no-cache
Date: Sun, 31 May 2020 00:11:38 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Aixlhp Show response
ad.doubleclick.net/ddm/adj/Brwj/ 11 B
581 B 103ms
36ms Script
text/javascript 216.58.206.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Brwj/Aixlhp

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 10C2 0
0 27ms
6ms Document
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Mon, 25 May 2020 22:48:37 GMT
expires: Tue, 25 May 2021 22:48:37 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 436981
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 37ms
18ms XHR
application/json 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200526&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

600fd68b1b49fbe54ece1303e91a1763c8b4af25b91596e0665fbd61f2243e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 May 2020 00:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5592
x-xss-protection: 0

POST
H2 200 v2tpfHiRTPjRt23R-OhRsIkmP2DhQkNjajmHb3YlVrDMz8opbZWYGCTT5EhR4C-Ak9VuitqtP Show response
lovelydrum.com/ 216 B
609 B 99ms
34ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/v2tpfHiRTPjRt23R-OhRsIkmP2DhQkNjajmHb3YlVrDMz8opbZWYGCTT5EhR4C-Ak9VuitqtP

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

c0ec3f06ab6c4e1fbd21db24597ab3ac72f4946b1f6ebfc273e4a7fc832ed50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Sun, 31 May 2020 00:11:38 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: george
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Sun, 31 May 2020 00:11:37 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200526/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 May 2020 00:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Sun, 31 May 2020 00:11:38 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame F608 0
0 6ms
6ms Document
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sat, 30 May 2020 23:41:17 GMT
expires: Sun, 30 May 2021 23:41:17 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1821
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
120 B 39ms
39ms Image
image/gif 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200526&jk=3473647965173534&bg=!KCulKzNYVzVLxQ1UjR4CAAAAMFIAAAAMmQFz2yE0T1IWqJxDhpOr-ejBFwh6D1q-BZOvbCP634MkTjV7VcLDucCf4tKOISybgKeZdD84Ux_pdj225nuj0VIeRgojkMc_nU_RdSJTpMLIcR_EPdTyw0NjPXKqFZk9PeQJB8PzRQqkyMtUkfukFAraIil12PBHGewsOj3OpRMajspFRtiljTNN2gFWHaz5VNJUOBpjWICxr_pe0pabUoO6Ce_x8M6ESom9Fwv4Hm6rFEVm0bPszS1_kEdzvfTS0aUQnzGo7LMwpzmoWFDu5eBqS1pisXui0lXDSLey97ToUqmgr-w5s9mcxHNdbSbq4uPW6XuIh_r18xn672QCLz9sBOq8blm1h4sjvSj8Fqod0e-gc7sj4_kDuRMhl8LqJ_LC6-RNiTvFiB5QpvWU5fIrlzLl2yU6rOx02SbkCH79TtPNxwJ6-GZRTIrxIwweq23nQx6kcly5FmRcCQ9RgqZkR3NSb397N4BH3IL_3f6MnuOXJP4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c
c.mgid.com/ 43 B
148 B 130ms
116ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=153|83|8|0bFlcU_FjQU0e6KonLGDDbL2IkMsuw8tC86Yow_KIwLrsLilfyl15PT9L1uT76E3&fw=1&extjs=66046&v=153|83|8|iOcwoNZvHHIRPyaY6h9SauqqWuTw9Y2_f3rmHvhWJ13yEZakEiLCSff-XP4egS-K&v=153|83|8|MaXZYkytSnyCq_NVtCaAd3tn86ecGcrH28Jv2Hiv6JRtt0YHT4QKUQlmtp9RzT3p&v=153|83|8|l31Ds0C9r2S8y87WfMdZgq58NzY3YgEc6NWmxgx5h7g6F1VpL5m_qQ1UZbs9ZzKt&imgdim=1&cid=914924&h2=_IqHHECS4sm7TQFWqEkmfXiIRCw5aJaSpM4M_SpA4o4*&rid=4b68364f-a2d3-11ea-9ed9-d094662f8ab5&tt=Referral&ts=paste.co.id&pageImp=1&muid=k4uBkTiPeybh&cbuster=1590883898972771141069&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 May 2020 00:11:39 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 59bc7a90bff6cda3-CDG
content-type: image/gif
cf-request-id: 0309aaee710000cda3cc072200000001

POST
H2 200 v2bybuCXibcVNTFX05o0ymVX2L17bM1DpOWfvv7iktI5N569RvfzXVwJ1wDUWiVRVylLC1N7siw
lovelydrum.com/ 2 B
319 B 33ms
33ms Other
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/v2bybuCXibcVNTFX05o0ymVX2L17bM1DpOWfvv7iktI5N569RvfzXVwJ1wDUWiVRVylLC1N7siw

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://paste.co.id/ov9XRXMot8?__cf_chl_jschl_tk__=5f547c469411eceb6bcc7885d16163220b67aeef-1590883890-0-AfqEGRv-w6mGbK4gF5K9dPquAHbh1D60zVt8xjfv56lR1C7nbUXRdovRXY0tYukbz1K8DahsTSX2DYdhEtbB5478mev0gZkMQy7gAvF0OlsjdsLcoRGCFu9GMJyRQo036kQt4CA9NjgPrL5InY2BPw6J6WuJ4s7ZMtdXorW90rLha7Jy1sdO8lfUV9dnh9q68XwADheM45YNSK3ECsZ2nev5E47A4-fCbGq7vAsgJNVojNt4YI1Ta3UaCU1XKqLkLuTDieFXhAzwJL2uI7p6kbHzN0jIlOe7htUEnD39QT0c
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Sun, 31 May 2020 00:11:39 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: george
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 2
expires: Sun, 31 May 2020 00:11:38 GMT

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:16:19	Name: IDE Value: AHWqTUk0fK9LaDiO9VCCQyNwWmIctXw94Vo6FpwoMiWtvBKQU7P8CqY5bnBADLLJ
paste.co.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22https%3A%2F%2Fpaste.co.id%2Fov9XRXMot8%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22N6KMlVl6t%22%7D%2C%22C914924%22%3A%7B%22page%22%3A1%2C%22time%22%3A1590883897571%7D%7D
.paste.co.id/	1970-01-19 09:56:10	Name: _gid Value: GA1.3.1198945752.1590883897
.paste.co.id/	1970-01-20 03:25:55	Name: _ga Value: GA1.3.1740415651.1590883897
.paste.co.id/	1970-01-19 09:54:43	Name: _gat_gtag_UA_137362802_1 Value: 1
.paste.co.id/	1970-01-19 10:37:55	Name: __cfduid Value: d6205fca3a490f8918de54a2a96bb4e981590883897

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js(Line 9) Message: [object HTMLImageElement]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.betweendigital.com
adservice.google.com
adservice.google.de
ams.creativecdn.com
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
csync.loopme.me
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
idnovel.co.id
jsc.mgid.com
lovelydrum.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
paste.co.id
prod.perf-serving.com
rtb-usw.mfadsrvr.com
s-img.mgid.com
s.pubmine.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
servicer.mgid.com
stats.g.doubleclick.net
tpc.googlesyndication.com
udata.mixmarket.biz
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.111.214.103
104.111.230.142
104.16.221.74
104.19.136.78
172.217.22.98
173.254.207.118
178.63.78.76
18.185.190.97
185.184.8.30
188.42.191.196
2001:4de0:ac19::1:b:3b
216.58.206.6
23.105.245.5
23.105.254.92
2606:4700:3036::681f:4fc2
2606:4700::6810:84e5
2a00:1450:4001:800::2002
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:814::2002
2a00:1450:4001:815::2001
2a00:1450:4001:815::200a
2a00:1450:4001:816::2003
2a00:1450:4001:81b::2003
2a00:1450:4001:81e::2004
2a00:1450:400c:c00::9c
34.252.111.25
35.190.91.111
35.212.212.222
52.28.147.164
63.33.106.135
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1d0441dbf22e0e6728c313193d7f0bea2856d4fd0fe5eab5cba18a00749e01d8
1e84a189cdca9f194b0bba2eeaa6216f383ae49d8d0d30916ceb6cf75be06779
26ab1f3d53089825fd05700e5518ee60a7ff1290d07fbb4ad5b07b4ac4953685
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
462134860ae0129389d8e469de5ac84e245dd53bcd68fea751998d3cf4894e7e
4e0c7e56009835b540c4d2e3d9aa847180d6ff489098c92fdea26cc77bb08325
4f1f346b33b799d894518a419e5320c710dcfda41c35a171cc8baa4e08439c11
5123961588898531a8eec5f2e583151544233695bb39272df0c12f9986c14a35
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
59d3b0f41ff8ed0ab160bbe4df8c72cfcbd729ee6e97f23c1a8ff1913b78ad52
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
600fd68b1b49fbe54ece1303e91a1763c8b4af25b91596e0665fbd61f2243e40
61d4c7a33c2e0042655468d3351e76a84b939a97e79adb00bae443400bba3d4c
65a16525e945d83037208cb592c0b118ff52787f4ce0f947a4cdee1ccded2123
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
748851c4d2e38c4f7587afb6b6e54dfc26e7329018d27911115f1840e251d4a8
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b79c6b06361304deb41925d705021c57901827087727ca9db7d1d1230254ac4
7e83fc3dc542e7be4f58dea74a3d729956bf590acec4c8521de9dc8a74b276c6
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8dfb89df4c51a4b18b50df85c0e0b715cb433dcb738e0632b8b52fd71a748d6a
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
9797439b2c6652e70242c6b8710585cd957fb7725a36731a636997b8a1152467
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3918a483d183ab445ddc3cf0b10186a76ecf2fa71861d8001c4816277717449
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a6f2862c221a30cecd6f6a5b89a2e3d73352b9d831c2edb655940defa34210c1
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
bf8eeec0243213e8b5d4caf858a57977c915a8d8b004991ba9260603d2c0d920
c0ec3f06ab6c4e1fbd21db24597ab3ac72f4946b1f6ebfc273e4a7fc832ed50d
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c9cb4e045ada573df597099cd67a844e80214f4049a0b15798d351c597649622
d5f8e722587df3b4210c83fbaaa149b7a56e738411eb52127f20757eaed3e848
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13a775c8523c714e8028ee7bcf9994a769000c592749d1bcc4e3e85012b6fe3
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f22a0ee403ba8e85265fb12041b9244e4e74609b2ab69df3bdf1d1684749a59a
f4d3550a6db6dae442d64a04259a3e69b144ab614d072fe6a36a6d677151f070
f78ab01c230d1137acf6ddd944b8c74ca55fc21f93495c875a21428e4d2c0408
f96c53b9b03f4b4ab67841c2ffd39ec588c945206edb5d8f6e7725859e29f69d

paste.co.id Open in urlscan Pro 2606:4700:3036::681f:4fc2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

100 %HTTPS

42 %IPv6

28 Domains

41 Subdomains

22 IPs

8 Countries

944 kBTransfer

2438 kBSize

6 Cookies

8 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
2606:4700:3036::681f:4fc2 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

100 %
HTTPS

42 %
IPv6

28
Domains

41
Subdomains

22
IPs

8
Countries

944 kB
Transfer

2438 kB
Size

6
Cookies

84 HTTP transactions
3 data transactions