paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste.co.id/3wkFHWaVQT
Submission Tags: falconsandbox
Submission: On February 11 via api (February 11th 2021, 9:20:06 am UTC) from US

Summary HTTP 133 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 32 IPs in 10 countries across 33 domains to perform 133 HTTP transactions. The main IP is 5.189.137.168, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is paste.co.id.
TLS certificate: Issued by R3 on December 20th 2020. Valid for: 3 months.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	5.189.137.168 5.189.137.168	51167 (CONTABO) (CONTABO)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	139.45.196.72 139.45.196.72	9002 (RETN-AS) (RETN-AS)
10	139.45.196.209 139.45.196.209	9002 (RETN-AS) (RETN-AS)
33	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.203.125.88 109.203.125.88	31727 (NODE4-AS) (NODE4-AS)
1	173.249.18.21 173.249.18.21	51167 (CONTABO) (CONTABO)
6	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
17	2405:4240:1:2::3 2405:4240:1:2::3	135370 (TMK-AS-AP...) (TMK-AS-AP PT Telematika Mitrakreasi)
1	2606:4700:20:... 2606:4700:20::681a:c76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	139.45.197.8 139.45.197.8	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
5	139.45.195.167 139.45.195.167	9002 (RETN-AS) (RETN-AS)
1	139.45.197.48 139.45.197.48	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	139.45.196.87 139.45.196.87	9002 (RETN-AS) (RETN-AS)
2	2606:4700:10:... 2606:4700:10::6816:1874	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:87b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
5 5	35.156.158.150 35.156.158.150	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	94.23.171.206 94.23.171.206	16276 (OVH) (OVH)
2 2	34.246.61.84 34.246.61.84	16509 (AMAZON-02) (AMAZON-02)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	139.45.196.93 139.45.196.93	9002 (RETN-AS) (RETN-AS)
133	32

16 5.189.137.168 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi465240.contaboserver.net

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.196.72 (Ascension Island)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.209 (Ascension Island)

ASN9002 (RETN-AS, GB)

seeptoag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.125.88 (Salford, United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: server.switchtowood.co.uk

www.qrcoder.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.249.18.21 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: berkas.co

berkas.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2405:4240:1:2::3 (None, )

ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID)

arnalyze.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.8 (Ascension Island)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.195.167 (Ascension Island)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.48 (Ascension Island)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.196.87 (Ascension Island)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1874 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:87b (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.156.158.150 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.171.206 (Czech Republic) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-94-23-171.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.61.84 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (Ascension Island)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.93 (Ascension Island)

ASN9002 (RETN-AS, GB)

dutorterraom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com c.mgid.com	408 KB
17	arnalyze.net arnalyze.net	13 KB
16	paste.co.id paste.co.id	413 KB
10	seeptoag.net seeptoag.net	66 KB
6	google.com www.google.com	35 KB
6	googletagmanager.com www.googletagmanager.com	77 KB
6	inpagepush.com inpagepush.com	58 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	toglooman.com toglooman.com	123 KB
4	gstatic.com fonts.gstatic.com	42 KB
4	cloudflare.com cdnjs.cloudflare.com	48 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	wowreality.info o.wowreality.info	398 B
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	doubleclick.net 1 redirects cm.g.doubleclick.net stats.g.doubleclick.net	1 KB
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	littlecdn.com littlecdn.com	14 KB
2	rtmark.net my.rtmark.net	1 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	dutorterraom.com dutorterraom.com	326 B
1	google.de www.google.de	483 B
1	idealmedia.io cm.idealmedia.io	555 B
1	erne.co 1 redirects green.erne.co	296 B
1	lentainform.com cm.lentainform.com	623 B
1	pubmatic.com simage2.pubmatic.com	949 B
1	lalaping.com static.lalaping.com	33 KB
1	onmarshtompor.com onmarshtompor.com
1	bedrapiona.com bedrapiona.com	2 KB
1	iclickcdn.com iclickcdn.com	23 KB
1	berkas.co berkas.co	4 KB
1	qrcoder.co.uk www.qrcoder.co.uk
133	33

	Domain	Requested by
17	arnalyze.net	paste.co.id arnalyze.net
16	s-img.mgid.com	paste.co.id
16	paste.co.id	paste.co.id cdnjs.cloudflare.com
10	seeptoag.net	paste.co.id seeptoag.net
6	www.google.com	paste.co.id
6	cm.mgid.com	jsc.mgid.com paste.co.id
6	www.googletagmanager.com	paste.co.id www.googletagmanager.com
6	inpagepush.com	paste.co.id iclickcdn.com inpagepush.com
5	x.bidswitch.net	5 redirects
5	toglooman.com	iclickcdn.com toglooman.com
4	c.mgid.com	paste.co.id
4	servicer.mgid.com	jsc.mgid.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cdnjs.cloudflare.com	paste.co.id
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	o.wowreality.info	static.lalaping.com
2	match.adsrvr.org	2 redirects
2	littlecdn.com	paste.co.id inpagepush.com
2	my.rtmark.net	inpagepush.com paste.co.id
2	fonts.googleapis.com	paste.co.id
2	jsc.mgid.com	paste.co.id
2	maxcdn.bootstrapcdn.com	paste.co.id maxcdn.bootstrapcdn.com
1	dutorterraom.com
1	www.google.de	paste.co.id
1	stats.g.doubleclick.net	www.google-analytics.com
1	cm.idealmedia.io	paste.co.id
1	green.erne.co	1 redirects
1	cm.lentainform.com	paste.co.id
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	simage2.pubmatic.com	paste.co.id
1	cm.g.doubleclick.net	1 redirects
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	static.lalaping.com	toglooman.com
1	onmarshtompor.com	iclickcdn.com
1	cdn.mgid.com	paste.co.id
1	bedrapiona.com	iclickcdn.com
1	iclickcdn.com	paste.co.id
1	berkas.co	paste.co.id
1	www.qrcoder.co.uk	paste.co.id
133	41

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
www.imdb.com
github.com
gist.github.com
berkas.co

Subject Issuer	Validity	Valid
paste.co.id R3	`2020-12-20` - `2021-03-20`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
inpagepush.com R3	`2021-02-02` - `2021-05-03`	3 months	crt.sh
seeptoag.net R3	`2020-12-14` - `2021-03-14`	3 months	crt.sh
qrcoder.co.uk cPanel, Inc. Certification Authority	`2020-12-28` - `2021-03-28`	3 months	crt.sh
berkas.co R3	`2021-01-21` - `2021-04-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
arnalyze.net cPanel, Inc. Certification Authority	`2021-02-05` - `2021-05-06`	3 months	crt.sh
bedrapiona.com R3	`2021-02-04` - `2021-05-05`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
toglooman.com R3	`2020-12-15` - `2021-03-15`	3 months	crt.sh
onmarshtompor.com R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
wowreality.info R3	`2021-02-06` - `2021-05-07`	3 months	crt.sh
dutorterraom.com R3	`2021-02-03` - `2021-05-04`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://paste.co.id/3wkFHWaVQT
Frame ID: D67E6D09DF6F965267B486E4F4520D86
Requests: 116 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php
Frame ID: 4DE1A6A010FDE651ADECD325BD5E6B07
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1613035187559756183083
Frame ID: A7DDF38D664AADF0BF3CF740DE95CCAF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: BF4BBC3FA928CBBFEFC2A5D54E06CFB7
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 0E7EF18A4CF54628A04B01F65EF955F7
Requests: 1 HTTP requests in this frame

Frame: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Frame ID: CB39B2C2B63EEA5DF24A369E350DD302
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

133
Requests

100 %
HTTPS

42 %
IPv6

33
Domains

41
Subdomains

32
IPs

10
Countries

1466 kB
Transfer

3506 kB
Size

7
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997452

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164845/i/57333099/0/pp/1/1?h=nbZFRYia4tJXbMMNPsyQCiBX2rE1PA_Kyep65uEc9vx60jBlU3KP1QcAbUUXXgh_&rid=491ac2f7-6c4a-11eb-9e2e-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164852/i/57333099/0/pp/2/1?h=nbZFRYia4tJXbMMNPsyQCuXnmm5Q9Lv3jZG57x1OP0oJRsGUKnsfsAbFg64VckI_&rid=491ac2f7-6c4a-11eb-9e2e-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193525/i/57333099/0/pp/3/1?h=nbZFRYia4tJXbMMNPsyQCgyTLjJM0opF7GHR6N70-LRRJucaLOSHrErFh4kIlWDL&rid=491ac2f7-6c4a-11eb-9e2e-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193536/i/57333099/0/pp/4/1?h=nbZFRYia4tJXbMMNPsyQCs1YhRkAEQBsDBsGlTLquUeJkKYhNV4TRdgBLErfBVSZ&rid=491ac2f7-6c4a-11eb-9e2e-d094662c24f7&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566629/
Title: https://www.imdb.com/list/ls097566629/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566645/
Title: https://www.imdb.com/list/ls097566645/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097520788/
Title: https://www.imdb.com/list/ls097520788/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097520104/
Title: https://www.imdb.com/list/ls097520104/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097520156/
Title: https://www.imdb.com/list/ls097520156/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097520175/
Title: https://www.imdb.com/list/ls097520175/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097520178/
Title: https://www.imdb.com/list/ls097520178/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097520110/
Title: https://www.imdb.com/list/ls097520110/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097520119/
Title: https://www.imdb.com/list/ls097520119/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097520136/
Title: https://www.imdb.com/list/ls097520136/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566689/
Title: https://www.imdb.com/list/ls097566689/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566207/
Title: https://www.imdb.com/list/ls097566207/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566255/
Title: https://www.imdb.com/list/ls097566255/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566259/
Title: https://www.imdb.com/list/ls097566259/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566273/
Title: https://www.imdb.com/list/ls097566273/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566278/
Title: https://www.imdb.com/list/ls097566278/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566212/
Title: https://www.imdb.com/list/ls097566212/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566235/
Title: https://www.imdb.com/list/ls097566235/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566614/
Title: https://www.imdb.com/list/ls097566614/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566637/
Title: https://www.imdb.com/list/ls097566637/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566634/
Title: https://www.imdb.com/list/ls097566634/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566665/
Title: https://www.imdb.com/list/ls097566665/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566666/
Title: https://www.imdb.com/list/ls097566666/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097566669/
Title: https://www.imdb.com/list/ls097566669/

Search URL Search Domain Scan URL

URL: https://github.com/qngheoaithuon/
Title: https://github.com/qngheoaithuon/

Search URL Search Domain Scan URL

URL: https://gist.github.com/qngheoaithuon/bedffee1edf7cf3c2a24d0ff06640713
Title: https://gist.github.com/qngheoaithuon/bedffee1edf7cf3c2a24d0ff06640713

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=914924

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193516/i/126987/0/pp/1/1?h=mB4ARl87ngXTlHWTLpvjTR6DBmVBcD8p-htkT7PehW43JYiX4rJepdlDrHEdcg59&rid=48f66402-6c4a-11eb-b699-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164889/i/126987/0/pp/2/1?h=mB4ARl87ngXTlHWTLpvjTYrqLZS5l3LJFa1nWh5hZnOf1XSnHUnK8jtPl3OwMjWj&rid=48f66402-6c4a-11eb-b699-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164883/i/126987/0/pp/3/1?h=mB4ARl87ngXTlHWTLpvjTU9f3wghoXbn9g3DfseEzMoBeoFV9sjf2Ri2z9Zd1GWm&rid=48f66402-6c4a-11eb-b699-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164848/i/126987/0/pp/4/1?h=mB4ARl87ngXTlHWTLpvjTTKXvocw8m23hsCs-rkfkOMKChw5KRE3pMDwQY9WhTEQ&rid=48f66402-6c4a-11eb-b699-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193537/i/57333099/0/pp/1/1?h=nbZFRYia4tJXbMMNPsyQCv1jrocPal-JKOnpbhzqlbWHhMQkVILnbrniYCFCXDtn&rid=491e396d-6c4a-11eb-bf14-d094662c1c35&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164884/i/57333099/0/pp/2/1?h=nbZFRYia4tJXbMMNPsyQCvMXtzDu5cPWAy7M2s03K2kZPqaNREIRgb-i-sJmTDnD&rid=491e396d-6c4a-11eb-bf14-d094662c1c35&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164865/i/57333099/0/pp/3/1?h=nbZFRYia4tJXbMMNPsyQCuUjhAmL1ifEPjOJdKd_YtBAFcrdg18M6Hvtl2FisaGe&rid=491e396d-6c4a-11eb-bf14-d094662c1c35&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193528/i/57333099/0/pp/4/1?h=nbZFRYia4tJXbMMNPsyQCsm4IbSViogtnwpEZhlBxBcpX3KOexgF8gl6BI1Qnduv&rid=491e396d-6c4a-11eb-bf14-d094662c1c35&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193497/i/57333099/0/pp/1/1?h=nbZFRYia4tJXbMMNPsyQCvObjBsjhnoQoBP3ay6d-eyLWwDkEq1c2ZmPvIuF9BWX&rid=491ee0b5-6c4a-11eb-bf14-d094662c1c35&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164923/i/57333099/0/pp/2/1?h=nbZFRYia4tJXbMMNPsyQCnrXB2bQYPwMvpgBduYUo9VdCC2evFUrlcRBXTtaG7XQ&rid=491ee0b5-6c4a-11eb-bf14-d094662c1c35&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164827/i/57333099/0/pp/3/1?h=nbZFRYia4tJXbMMNPsyQCjmSfnT4DyLLMgdXdPkuDHhUeqxvZCLKxNM8JbG3vBvK&rid=491ee0b5-6c4a-11eb-bf14-d094662c1c35&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164883/i/57333099/0/pp/4/1?h=nbZFRYia4tJXbMMNPsyQCk9f3wghoXbn9g3DfseEzMq4nslBWurZjzHhnM9SDqTh&rid=491ee0b5-6c4a-11eb-bf14-d094662c1c35&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&ct=1&muid=l1bLHBiJd4j1

Search URL Search Domain Scan URL

URL: https://berkas.co/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDFiTEhCaUpkNGox&muidn=l1bLHBiJd4j1 HTTP 302
https://cm.mgid.com/google?muidn=l1bLHBiJd4j1&google_ula={guid},5&google_gid=CAESEHaZM29eayLV3oqofIqiWVE&google_cver=1

Request Chain 83

https://x.bidswitch.net/sync?dsp_id=303&user_id=l1bLHBiJd4j1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l1bLHBiJd4j1 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0785789a-f140-416a-a1e0-a7dfc4090e48&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 84

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=HxOP42sJO0GnHYw0spq2&pi=mgid&tc=1

Request Chain 86

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=EYWhtXmXkE7Extjdf710WTIP&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=0785789a-f140-416a-a1e0-a7dfc4090e48&gdpr=&gdpr_consent=&us_privacy=

Request Chain 87

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=102422c0-3f7c-4655-b958-5c0af250524f&ttl=1615627188

133 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 3wkFHWaVQT Show response
paste.co.id/ 83 KB
25 KB 9164ms
9095ms Document
text/html 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed / PHP/7.3.24
Resource Hash: ea7f2ca477f401d156ad0c717510e50626344b11f62f17d4f92ffc7e987a5a4c

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /3wkFHWaVQT
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-powered-by: PHP/7.3.24
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
set-cookie: XSRF-TOKEN=eyJpdiI6IjB4XC93TzAwbHdOZEZOZWREWEdudlhBPT0iLCJ2YWx1ZSI6Ink3OFBLZ2wxVk4wN2J1QTY4WjA5QWhzSG5xMFJlRjhPYUhhYW1EZjlTSnM5c3NSOCs0cDJTZFRreUJlRVZtc0kiLCJtYWMiOiJjMTkzZTUzOWU3OGExMDRjYzcwNTk5ZTk4NGE3NTYwZGYwZTE3YWE3MzljOWUzOWRjYjhjYTEzODFlOTA1MjMzIn0%3D; expires=Thu, 11-Feb-2021 11:19:46 GMT; Max-Age=7200; path=/; secure pasteshr_session=eyJpdiI6IjZ1WTlqUDRMTWx1V2ptWTBVbGZibnc9PSIsInZhbHVlIjoiV294RG01S2FNM0tVMDRLcXNjZHc5QlNhZHEwWUlZZjFRY3h1RnQ3dHp0OHpUVER6eHpLdTBYNmVtZXdsNGJ1YSIsIm1hYyI6ImY5ZDcwMjcyNTU4MzUxODRkOGFhMDc3YjFhZjFkOGUwMzEzYmM4MDc1MDk3NDc5NmI5OWM4ODMxOTRlZGM3OWIifQ%3D%3D; expires=Thu, 11-Feb-2021 11:19:46 GMT; Max-Age=7200; path=/; httponly; secure
content-encoding: br
vary: Accept-Encoding
date: Thu, 11 Feb 2021 09:19:46 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 32ms
14ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H3-Q050 200 bootstrap.min.css
paste.co.id/css/ 138 KB
19 KB 147ms
111ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19090
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H3-Q050 200 mdb.min.css
paste.co.id/css/ 226 KB
23 KB 149ms
113ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23378
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 14ms
12ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2465095
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
cf-request-id: 0831fcc17b000016f2488f2000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aZ7CoHJS1rzj5DWamVQ%2FFbR93bFDvAxyFNDeHymQchuqjpx9wZbNw%2Bzbf7lSUkgzXKdpMFXv%2FAbBaplwfxVKER4KnvMwO8cPjTwmquj9iRAsuWCRw75TTtvNJv8EH5%2FuFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61fcfd7bfbb116f2-FRA
expires: Tue, 01 Feb 2022 09:19:46 GMT

GET
H3-Q050 200 special.min.css
paste.co.id/css/skins/ 3 KB
921 B 145ms
109ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/skins/special.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
last-modified: Wed, 24 Apr 2019 12:08:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 776
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H3-Q050 200 app.min.css
paste.co.id/css/ 648 B
263 B 146ms
110ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/app.min.css?v=1.2
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
last-modified: Fri, 05 Jun 2020 17:06:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 217
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H3-Q050 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
3 KB 145ms
110ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:43:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3353
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H2 200 3509488 Show response
inpagepush.com/400/ 79 KB
28 KB 65ms
27ms Script
application/javascript 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3509488

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a99fcdcb14d086d4be997f4e643343db10d511bc07439d9cebf2a7c77fda0314

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: 76d2895c9387c91618177b80b2dbc873
pragma: no-cache
date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK ntfc.php Show response
seeptoag.net/ 14 KB
6 KB 52ms
15ms Script
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/ntfc.php?p=3534037
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: d6288ae95bae940aa16ee045e4fdaae0a5f074914ac9cac19148bf051fea4613

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:19:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:55:25 GMT
Server: nginx
ETag: W/"601a730d-373e"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3-Q050 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 141ms
137ms Image
image/png 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/img/default-avatar.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
last-modified: Wed, 28 Nov 2018 16:58:44 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6957
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H2 200 paste.co.id.997452.js Show response
jsc.mgid.com/p/a/ 241 KB
65 KB 113ms
75ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f62ba05dc6245204c88c0b20ef0d78bb14f36d23f9531d08710b02d8929299

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 1738
cf-polished: origSize=246737
last-modified: Mon, 08 Feb 2021 10:06:43 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F67270F72D83ECEF
x-amz-id-2: TY0EZFk9z40jw34k4+P1W+21vzZ0RoXGH1YToaLeYswnfza27PqiZ+ubJsR+3qEy/9glWGFu6eI=
cf-bgj: minify
server: cloudflare
etag: W/"641c944448e5f7924a16f9066bc4c6ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 0831fcc28700001e91fa362000000001
cf-ray: 61fcfd7dad771e91-AMS
expires: Thu, 11 Feb 2021 12:19:46 GMT

GET
H2 200 paste.co.id.914924.js Show response
jsc.mgid.com/p/a/ 240 KB
66 KB 80ms
43ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd926d6d570248d95edc9c52fdf5e242823ab3bb383fe38dcf85721402bdce5

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 1738
cf-polished: origSize=246173
last-modified: Mon, 08 Feb 2021 09:55:09 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2F440965CB6C21A2
x-amz-id-2: FszI4P36keaK9sAY/4cRQiClhL+6XzmpxNDmJ9ykmHg2vCNsx9t5I2sXFVwjjMLLy5E9BRXfUG4=
cf-bgj: minify
server: cloudflare
etag: W/"b2e69ed3e1ac1f58d9b58a32db71f08e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 0831fcc28500001e910e856000000001
cf-ray: 61fcfd7dad7a1e91-AMS
expires: Thu, 11 Feb 2021 12:19:46 GMT

GET
H/1.1 403
Forbidden /
www.qrcoder.co.uk/api/v1/ 0
0 136ms
28ms Image
text/html 109.203.125.88
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 109.203.125.88 Salford, United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS: server.switchtowood.co.uk
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK logo.png
berkas.co/ds1/img/ 4 KB
4 KB 200ms
108ms Image
image/png 173.249.18.21
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://berkas.co/ds1/img/logo.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.249.18.21 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: berkas.co
Software: nginx/1.16.1 / RHZ SECURITY
Resource Hash: 5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 11 Feb 2021 09:19:46 GMT
ETag: "e5e-5a81d91e86dc0"
Last-Modified: Mon, 15 Jun 2020 11:17:19 GMT
Server: nginx/1.16.1
X-Powered-By: RHZ SECURITY
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3678

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
27 KB 14ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 35101
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 0831fcc212000016f270217000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9xZjIkqEtu%2BU8K9qwkdUVCUXS0aBBewHw3yap1NNRDL4Enqc7tr1Fs%2FQe7YDmS3nQPkMjPHtLY19ebtvQe371zBT1qWUYgpQcZXRirNXFXar%2BdJK3c4zzc6oJCMhvBJKpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61fcfd7ced0e16f2-FRA
expires: Tue, 01 Feb 2022 09:19:46 GMT

GET
H3-Q050 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 45ms
44ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13430
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H3-Q050 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
60 KB 50ms
50ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:15:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 61240
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
16 KB 18ms
12ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4080130
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15668
cf-request-id: 0831fcc25d000016f23a080000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PKA8yy9Knr7hGO0oKiDgLnUY%2FhCWKxa7K6s7WNBclA09A5eedMlIiMs3yuZmUCyI5H90nSafUZetvcgHAHKTLoky0eaFjyswbkhe0Ry3GXjJd5p07Uh34nZSOtbh1uZg1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61fcfd7d6dbe16f2-FRA
expires: Tue, 01 Feb 2022 09:19:46 GMT

GET
H3-Q050 200 ads.js Show response
paste.co.id/js/ 22 B
68 B 128ms
123ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/ads.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
last-modified: Sat, 14 Mar 2020 00:25:06 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H3-Q050 200 app.min.js Show response
paste.co.id/js/ 1 KB
688 B 128ms
123ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/app.min.js?v=1.5
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
last-modified: Sat, 14 Mar 2020 00:34:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 639
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H3-Q050 200 prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
116 KB 128ms
123ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
last-modified: Sat, 24 Nov 2018 17:17:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 118363
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 42ms
27ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0a3d1224b3c29f3f96d00e58bd4fcbe177be1208d3e44d7ae40ec2f43ed9df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39147
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Feb 2021 09:19:46 GMT

GET
H2 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel/ 37 KB
12 KB 840ms
291ms Script
application/javascript 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash: f6cb2c4c9c079acc6d20bb301334911ce189df64c8db2efb2ea1b99df30f206c

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: cache
date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.26
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
expires: Thu, 11 Feb 2021 09:24:47 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 81 KB
23 KB 46ms
20ms Script
application/javascript 2606:4700:20::681a:c76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 34012
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 0831fcc27500002bc63d1d6000000001
x-trace-id: 17f0838c79e7d33e588c8b741ef7d08b
pragma: no-cache
last-modified: Tue, 09 Feb 2021 16:02:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZKZRBY%2FMTwbiTq7Fmo6IXf5mmehxDZS2YetHrdKZzJZmOAB1OY2sG0uUNPdaAMetCMsMbKaCYK9mHcnEjC5k%2BZNR9GlBAWh3H20PMaChLvZoOin81%2FOiX6ev"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 61fcfd7d8e882bc6-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Thu, 11 Feb 2021 23:52:54 GMT

GET
H3-Q050 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 122ms
120ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 49380
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 11ms
7ms Font
font/woff2 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://paste.co.id
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H3-Q050 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 125ms
123ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 49236
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H3-Q050 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 102ms
101ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:46 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 49976
expires: Thu, 18 Feb 2021 09:19:46 GMT

GET
H/1.1 200
OK zone Show response
seeptoag.net/ 717 B
1 KB 17ms
16ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

453f9df9106e4568ca9baf1eaf5b4e427db1dd360b2a03c103044c292abf4afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 293ba3319d60f0f7244c1cf046e3cc5d
Date: Thu, 11 Feb 2021 09:19:46 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 717

GET
H/1.1 200
OK universal.min.js Show response
seeptoag.net/pfe/current/ 106 KB
38 KB 64ms
29ms Fetch
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/universal.min.js?v=3.1.282
Requested by: Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 976772d64052b8a91bfc0448e8e5653477618071a4b64758a7f2b4bc7db3d96d

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:19:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:55:25 GMT
Server: nginx
ETag: W/"601a730d-1a972"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 / Show response
bedrapiona.com/5/3724584/ 3 KB
2 KB 58ms
22ms XHR
application/json 139.45.197.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3724584/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.8 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f6cd37b7a2b881dbef06e1c01f3429be87e66bfac29c65ecac06612f2a8638ea

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: d5a6410f15131f75055e79303bf4fff8
pragma: no-cache, no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://paste.co.id
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 08:30:13 GMT
server: ESF
date: Thu, 11 Feb 2021 09:19:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Feb 2021 09:19:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
623 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 08:14:07 GMT
server: ESF
date: Thu, 11 Feb 2021 09:19:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Feb 2021 09:19:46 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 23ms
22ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: br
cf-cache-status: HIT
age: 7068
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: DCB403D7254D6E85
x-amz-id-2: Cnwert1GiENoysUfBDXPF2oxBVB7KvQCrQPePrf/gjyjLKV6G2s01OhrGpZe00vVtwDUBpnt1yc=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 0831fcc35200001e91200c0000000001
cf-ray: 61fcfd7ee8b31e91-AMS

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 3724582 Show response
inpagepush.com/400/ 79 KB
28 KB 22ms
21ms Script
application/javascript 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3724582

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a8228818bcb7fb0de8785755c0fc687dd0073736e333b36430f1f401c4a54d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: e0babeb72389c8565f7f5ae2c058b141
pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 1 Show response
toglooman.com/ 7 KB
4 KB 107ms
17ms Script
text/javascript 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=3724583
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: d9c2702d0420ba6e4e78c7d97f28beb8e764fb215a3625e12b3044e24d4a664e

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: gzip
x-sc: u57az7cwlVcehhXltcVGbd8aFe6YQETo-q2KAlbnQYJU07Dm3LXwp7aMrdaiJ5IZxk_qxks0oDdqkEwePbOO1KeSSgU=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 fac.php
onmarshtompor.com/ Frame 4DE1 0
0 52ms
15ms Document
text/plain 139.45.197.48
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.48 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/3wkFHWaVQT
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/3wkFHWaVQT

Response headers

server: nginx
date: Thu, 11 Feb 2021 09:19:47 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
x-trace-id: 2444e6fdee8e58c78177c6261bd6e05c
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 16:25:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 233662
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 08 Feb 2022 16:25:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 05:54:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 185104
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Wed, 09 Feb 2022 05:54:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 05:54:34 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 185113
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Feb 2022 05:54:34 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 27ms
13ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:00:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 40748
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 10 Feb 2022 22:00:39 GMT

GET
H2 200 1 Show response
servicer.mgid.com/914924/ 3 KB
2 KB 70ms
69ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/914924/1?w=844&h=250&cols=2&pv=5&cbuster=1613035187197148057069&uniqId=0a2f3&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&lu=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&pageView=1&pvid=1779063abfda415912c&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5daad4259f68bcc772ed930cc61d9a4ca65b26f4fc6f14390f87f3d162e3e33a

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd800b101e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcc40900001e91f891e000000001

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 48ms
15ms XHR
application/json 139.45.196.87
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.87 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

73064e713837f4253032748be12a1ebf69bc97946854460521008e3c4fdbeaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
3 KB 12ms
11ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2462953
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2905
cf-request-id: 0831fcc4da000016f2893ad000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1l90Ety9IFBgS5BmkUcjaWVp3eLidjJee0l%2Fg0xMn7K1AJqq4BM3OWQ6oZxK28nDVbcaTXIYqiIwtym4pKw8A0%2Fz3Ptl4UC%2Bp8cMYmvGtLRXU5QDB3YkF4OySTlr5FePLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61fcfd815c4516f2-FRA
expires: Tue, 01 Feb 2022 09:19:47 GMT

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 78ms
77ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=234&p3_w=201&p3_h=189&cols=4&pv=5&cbuster=1613035187422660619150&uniqId=04716&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&lu=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&pageView=0&pvid=1779063acdeba6f4ef6&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e332d4376f93d507785c0e40ebb393158f9b2177332aea644f8f61c0a22bb7d7

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd818e6f1e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcc4f600001e91dea0c000000001

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 70ms
69ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=234&p3_w=201&p3_h=189&cols=4&pv=5&cbuster=1613035187466776006044&uniqId=0542e&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&lu=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&pageView=0&pvid=1779063ad0aac3d6634&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0cb8726787299cf57adacc1a64df97f338eb47442d9a2131f949c684c1475e

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd81bed41e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcc51400001e91cc056000000001

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 69ms
68ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=255&h=431&p3_w=90&p3_h=183&cols=2&pv=5&cbuster=1613035187468589749805&uniqId=0bb83&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&lu=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&pageView=0&pvid=1779063ad0cb495c7aa&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56b63116ab202ceed714b293abc2113659eea150b8537b8d848ca6e55308f63

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd81beda1e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcc51600001e91020c1000000001

POST
H3-Q050 200 get-paste Show response
paste.co.id/ 2 KB
1 KB 3010ms
3009ms XHR
application/json 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/get-paste
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed / PHP/7.3.24
Resource Hash: edd9844fa890c361761b8a06d0051b3fe0eb83a3f317042e6de0abcfa89c10e9

Request headers

Accept: */*
Referer: https://paste.co.id/3wkFHWaVQT
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 11 Feb 2021 09:19:50 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.24
vary: Accept-Encoding
content-type: application/json
x-ratelimit-remaining: 58
cache-control: no-cache, private
x-ratelimit-limit: 60
content-length: 376

GET
H2 200 abae4c9ff902156d9bc9e64900f2daed Show response
toglooman.com/27/ 361 KB
118 KB 26ms
25ms Script
application/javascript 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/abae4c9ff902156d9bc9e64900f2daed

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=3724583

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6f51dacdee8bd8ec54a1f90450b98954c322ea13c8efc8682f99caeeaac96f6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Feb 2021 10:29:13 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Thu, 06 Mar 2081 10:29:13 GMT

GET
H2 200 38 Show response
toglooman.com/42/ 0
495 B 54ms
53ms Script
text/plain 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=3724583
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=3724583
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 45ms
21ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d50ed89d7bef91de44d84358afd57151f1022cfc0a40e85c48c21e7313012ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39158
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Feb 2021 09:19:47 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
118 B 17ms
14ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-174907544-1&cv=1&v=3&t=t&pid=691998500&rv=230&es=1&e=gtm.init&eid=1&u=AAAC&tc=1&z=0

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
21 B 19ms
16ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-174907544-1&cv=1&v=3&t=t&pid=691998500&rv=230&es=1&e=gtm.js&eid=2&u=AAAC&tc=1&tr=1rep&ti=1rep&z=0

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 45ms
14ms Other 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=&oaid=a14787aea8f544f29abcd12552a1847b&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Feb 2021 09:19:47 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 3509488 Show response
inpagepush.com/500/ 1011 B
1 KB 20ms
20ms XHR
application/javascript 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

21cf7d5414983345b3d5c1147034569482b98e355b02ce419f085935ac405407

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 7daf5a4acc7d4e3a76ce0113d65ac434
pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 1011
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
1003 B 83ms
69ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1613035187553391413746
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31db7727102c35cddba7987bbaa137b08eaf9ff7e7bd9a03b6b4daa9ccfe377e

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 2c76bcc8-8417-4303-963f-46fc4b70ebd0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd8258511e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcc57a00001e91f893b000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame A7DD 19 B
610 B 77ms
76ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1613035187559756183083
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: e5de31c2-5a72-47e4-aaea-edc476af1760
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd8288ac1e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcc59200001e91d00de000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp
s-img.mgid.com/g/8193516/370x209/0x299x1080x720/ 9 KB
9 KB 26ms
23ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193516/370x209/0x299x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp?v=1613035187-WkMaMBohjPbpyXqWjqtwyUMatQdWdzalRegGu-d7oGc
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac75635ed39dcdc8c915c37dc8bdabd76b96452a2ef424bcd0e316fa08b610dc

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 56f0469d-3218-4e0e-a48b-8c31d521c983
age: 93333
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8906
cf-request-id: 0831fcc57900001e91b28bb000000001
last-modified: Wed, 10 Feb 2021 07:16:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd8258491e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.mgid.com/g/8164889/370x209/0x124x565x376/ 9 KB
9 KB 26ms
23ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164889/370x209/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1613035187-DeQvsCp1U2rczrvBJOqST3KkNZFcSCDmFy7w5njvpGE
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff33bb71ebddf644ff2b2b2da49311440572ec957c1675ef2799ec80a884bba6

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 068cf1fd-2ffa-4c9c-b81d-c89b177273ec
age: 255263
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9250
cf-request-id: 0831fcc57900001e91c3ac1000000001
last-modified: Mon, 08 Feb 2021 10:20:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd82584c1e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/370x209/0x0x492x328/ 7 KB
7 KB 37ms
34ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164883/370x209/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1613035187-N73FLi7FbtXlEmy_IKvpQG6djaH9V63RezA-hnpFIes
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061105649a68170ec0c32f8fdcbeea091be65a304098f3c896220d4ab251c5a1

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 1d72c559-c7e5-4051-805d-3a149dc0c649
age: 255411
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6726
cf-request-id: 0831fcc57b00001e91b7017000000001
last-modified: Mon, 08 Feb 2021 10:21:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd82584d1e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNWFhYTJjMWJkZGVmMzJmMzE5MzE3OWU0ZDNkODk3My5qcGVn.webp
s-img.mgid.com/g/8164848/370x209/0x0x2243x1495/ 11 KB
11 KB 26ms
24ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164848/370x209/0x0x2243x1495/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNWFhYTJjMWJkZGVmMzJmMzE5MzE3OWU0ZDNkODk3My5qcGVn.webp?v=1613035187-2bvmEbKAIK4-HepHBGJo_oW3M5jOSc9GJiU_KvWJEPI
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fb04f90ff1f264f35ed17a2c748377b0a9a7b31abd3537f00053ce48fd2d205

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 20f1e768-a0b1-406a-82a4-535a5608cdd7
age: 254734
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11180
cf-request-id: 0831fcc57900001e91dea17000000001
last-modified: Mon, 08 Feb 2021 10:22:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd8258401e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp
s-img.mgid.com/g/8164845/492x328/0x0x1083x722/ 24 KB
24 KB 23ms
22ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164845/492x328/0x0x1083x722/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2E5M2RiOGJlNTg5ZDYxZGFmYmRmMmNlM2U0MDdlOTBmLmpwZWc.webp?v=1613035187-QhiUKtFhmndciPiSAjZfHzVsfTNX8dKtz866Fepw4IM
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ea5a16c6c568ee4e7e0935c48bb53411911f73e24ee7dc7f7ad6f9feb811ce1

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 43f8e0de-6f4f-444e-9f82-0bc02e923c30
age: 255295
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24662
cf-request-id: 0831fcc5a000001e91d7b5c000000001
last-modified: Mon, 08 Feb 2021 10:20:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd8298f81e91-AMS

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzN...
s-img.mgid.com/g/8164852/492x328/-/ 22 KB
22 KB 26ms
25ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164852/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzNTQ3ZDA4ODNmMWMyYmJkOC5qcGc.webp?v=1613035187-0Q-xnkKhYcBtuZVyfJFtvpNBkbkoqNcdL5o-VS2FXVg
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ac05781d1a4eec5d40e9b668ee97489a3c6adc8104e4f7610ce2f07b02cb2e7

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 380f8f8d-5761-450d-a582-efa629d0f97b
age: 255467
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22712
cf-request-id: 0831fcc5a100001e91fd8e0000000001
last-modified: Mon, 08 Feb 2021 10:20:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd8298fb1e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.mgid.com/g/8193525/492x328/0x311x684x456/ 16 KB
16 KB 25ms
24ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193525/492x328/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1613035187-DPq82AuWJJ4jHUrtJjcp7EZT3ksRpnU15x7lcqRPhik
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32288afbbd582a50540b8ff709114b8ecc273d16be5364e4e5e0ad9f8904630a

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 83ea9310-9927-45aa-bf24-3f5c73b4aac5
age: 93765
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16692
cf-request-id: 0831fcc5a100001e911f1da000000001
last-modified: Wed, 10 Feb 2021 07:15:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd8298fd1e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzFjMDgwZWRhYWYxOGQwYWFhZmI4NDNjMWJjZTZkZDhkLnBuZw.webp
s-img.mgid.com/g/8193536/492x328/24x0x530x353/ 15 KB
15 KB 30ms
29ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193536/492x328/24x0x530x353/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzFjMDgwZWRhYWYxOGQwYWFhZmI4NDNjMWJjZTZkZDhkLnBuZw.webp?v=1613035187-nSLFf7ieyc0IfvT3NQlkDYpi4SMzu899EMaOnDRYeU8
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116e11b0e60d3fbee191c04447957deeaac6bc02604b29abefa1bf0b3a7ab3bb

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 112f2c5a-ab6e-4778-8654-1d837927857f
age: 93786
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15088
cf-request-id: 0831fcc5a200001e91bc239000000001
last-modified: Wed, 10 Feb 2021 07:15:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd8298ff1e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp
s-img.mgid.com/g/8193537/492x328/0x168x510x340/ 47 KB
47 KB 28ms
27ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193537/492x328/0x168x510x340/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8zNjMwNThmNGE5ZDNhOTI3ZjczOWIyZWQzNmYzNjkwNi5qcGVn.webp?v=1613035187-zjWbEniLEkpNjrO6fljouwze99lYIktyJ1aynwhbkTo
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa26dacced73f4559cbfef850bb5020eb8f5225021ccce2bc54fe4c0645b0bbd

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: f9fe6b26-a235-4b91-bc5d-60cd1a017c8c
age: 93761
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48220
cf-request-id: 0831fcc5b100001e91bd3b7000000001
last-modified: Wed, 10 Feb 2021 07:15:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd82b9381e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp
s-img.mgid.com/g/8164884/492x328/0x0x1001x667/ 21 KB
21 KB 29ms
28ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164884/492x328/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDUvMTAxOTI0LzA2ZWM0NWZkMzdjZmYxNTI4MzVjNjEzMDMxMmE5NjYxLmpwZWc.webp?v=1613035187-ul15MNsxYQw8E6odV-eB057LIltLu2p7dqr2nhlq6Kc
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 416ad5ca4d012266fa88ed4a3941d48cb2638e931a9634b4de9434abf2e7572e

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 2834b0e0-f884-4a1c-88a7-c089645ceba0
age: 255418
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21184
cf-request-id: 0831fcc5b200001e91eb244000000001
last-modified: Mon, 08 Feb 2021 10:20:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd82b93b1e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.mgid.com/g/8164865/492x328/0x0x900x600/ 21 KB
22 KB 25ms
25ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1613035187-armpaQRXdO_hnUhHIWhHuHYFQCKnpLfxS6PAFQeNyi0
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbe28a1b807c1e7e6c98e4c5900817dc26fe9ee04cd549d97c9cdb057003ab78

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 6076d8da-21b5-43f5-a52c-bfcdaa40ce58
age: 255469
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21892
cf-request-id: 0831fcc5b700001e91130bd000000001
last-modified: Mon, 08 Feb 2021 10:20:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd82b9491e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzQ0N2UwYWEyZjFmYjU0OWMwMThiMmI1NDQ5YjFjMTgwLmpwZw.webp
s-img.mgid.com/g/8193528/492x328/0x81x600x400/ 8 KB
9 KB 24ms
24ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193528/492x328/0x81x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzQ0N2UwYWEyZjFmYjU0OWMwMThiMmI1NDQ5YjFjMTgwLmpwZw.webp?v=1613035187-KaygsG7dgmtw2mLRGEBvdzUYFlA0bCX0ohn20epOX0g
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb948a83c0273180b468b91a1f0d700f9945fe4d1f7e7b5b81e4ce163c3c60d3

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 6948ef21-04d9-414f-aa38-2a047b4b111b
age: 93598
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8620
cf-request-id: 0831fcc5b500001e91b4330000000001
last-modified: Wed, 10 Feb 2021 07:15:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd82b94b1e91-AMS

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC9lMzhlMzlmNTcwODQzOTU5M...
s-img.mgid.com/g/8193497/492x328/-/ 22 KB
22 KB 24ms
22ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193497/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC9lMzhlMzlmNTcwODQzOTU5MGFiMWI5OWQ4MTlmNDM0Ny5qcGc.webp?v=1613035187-Intq-2kcEmznFJouGE4CHLK8ZWoPJLF1oe27qH3ZshQ
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9021446be5708f0cc01d535420b4b7f2692c813939262aa7bf57889cbe6aa5b7

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: d211af4e-a984-4f2c-a1d6-86e0d19cad09
age: 93366
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22510
cf-request-id: 0831fcc5be00001e91b4332000000001
last-modified: Wed, 10 Feb 2021 07:15:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd82c9761e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMDcvMTAxOTI0LzEwYzY3NTkzMmIzZTIwYjIyMDZkOGQ1NjZiM2ZhZGU1LmpwZWc_dD0xNTM2MzE4NzUzODE4.webp
s-img.mgid.com/g/8164923/492x328/2x284x493x328/ 13 KB
13 KB 25ms
25ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164923/492x328/2x284x493x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMDcvMTAxOTI0LzEwYzY3NTkzMmIzZTIwYjIyMDZkOGQ1NjZiM2ZhZGU1LmpwZWc_dD0xNTM2MzE4NzUzODE4.webp?v=1613035187-NIQ71TWwaEe_Czcf6WajJEZ4w0fg0CbyxhG4NorocVE
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3bf17896b19ccc5536ea62170aa8d8d28e3f89a13d024eeff8e4e88f4cf3676

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 15f1cb65-a995-4bfd-8dc4-cf4d14331b4d
age: 255215
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13432
cf-request-id: 0831fcc5c200001e91eaae1000000001
last-modified: Mon, 08 Feb 2021 10:20:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd82c9881e91-AMS

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81N2FjZDYwMGU3ODUyY2I1Z...
s-img.mgid.com/g/8164827/492x328/-/ 6 KB
6 KB 23ms
22ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164827/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81N2FjZDYwMGU3ODUyY2I1ZjMzMGUwMGIwMjYzN2U1My5qcGc.webp?v=1613035187-jNJXtFttqmox4qqWDcaomXLQPA3zi2zd2EfVqsbq0O0
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 153232d7a63e1f452827ba72a1fddd4b964a322ae067c29301c4cede21f0d043

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: 55f67ad5-3bd7-4e4b-bec4-357fc635dd35
age: 255458
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6014
cf-request-id: 0831fcc5c200001e91fd8e5000000001
last-modified: Mon, 08 Feb 2021 10:20:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd82c98d1e91-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp
s-img.mgid.com/g/8164883/492x328/0x0x492x328/ 12 KB
12 KB 22ms
22ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164883/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzIwOWY0ODAyNmU2NjY1ZjAzMWRlZDMyNzE5ZWI1ZmEwLmpwZw.webp?v=1613035187-LHagGwMoCGWWA1HGLygArRMIFocIa2vtdd8QffVzBZs
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c3f71afbeeed7e2dd4c4f436a8f1b75b8cc09a9849ef2f842016500d0f4788

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
x-mg-request-uuid: d8e78f98-a398-4514-9a5c-b7de211ead42
age: 255486
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12392
cf-request-id: 0831fcc5c100001e91243f8000000001
last-modified: Mon, 08 Feb 2021 10:20:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 61fcfd82c98b1e91-AMS

GET
H2 200 widget-ssp-performance
c.mgid.com/ 43 B
260 B 153ms
148ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=70
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 61fcfd82c9801e91-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcc5bf00001e91113bb000000001

GET
H2 200 0276441336168.png
littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/ 6 KB
7 KB 37ms
11ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: HIT
age: 2236
content-length: 6498
cf-request-id: 0831fcc5d100001e47371d7000000001
last-modified: Fri, 07 Feb 2020 15:37:35 GMT
server: cloudflare
etag: "5e3d843f-1962"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61fcfd82ebd21e47-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 47ms
17ms Other 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=2&ist=0
Protocol: H2
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Feb 2021 09:19:47 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://paste.co.id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
33 KB 44ms
28ms Script
application/javascript 2606:4700:20::681a:87b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/abae4c9ff902156d9bc9e64900f2daed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:87b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 2250
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cik6pdymt69bzPHr%2BGgIqDJd4i1DQnMAAqElBjrSB5smQ%2FbQOx6%2BWgtUe3Cxv%2BTH6WxTN4uxM7kqZxSvFGNGzCnMAIN1Hnb%2FiJyEyuE5MxNgW1Ens4wYNtT6TTgSebgo"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 61fcfd832e352c22-FRA
cf-request-id: 0831fcc5f900002c22a095a000000001

POST
H2 204 9 Show response
toglooman.com/ 0
506 B 16ms
16ms XHR
text/plain 139.45.195.167
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=2&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/abae4c9ff902156d9bc9e64900f2daed
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.167 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6880
date: Thu, 11 Feb 2021 07:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 11 Feb 2021 09:25:07 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame BF4B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

69ms
23ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1613035187553391413746
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/3wkFHWaVQT
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/3wkFHWaVQT

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 11 Feb 2021 09:19:47 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Thu, 11 Feb 2021 09:19:47 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDFiTEhCaUpkNGox&muidn=l1bLHBiJd4j1
https://cm.mgid.com/google?muidn=l1bLHBiJd4j1&google_ula={guid},5&google_gid=CAESEHaZM29eayLV3oqofIqiWVE&google_cver=1

0
233 B

66ms
65ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l1bLHBiJd4j1&google_ula={guid},5&google_gid=CAESEHaZM29eayLV3oqofIqiWVE&google_cver=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd89ba8b1e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcca1200001e91e7b51000000001

Redirect headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l1bLHBiJd4j1&google_ula={guid},5&google_gid=CAESEHaZM29eayLV3oqofIqiWVE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l1bLHBiJd4j1
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l1bLHBiJd4j1
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0785789a-f140-416a-a1e0-a7dfc4090e48&gdpr=&gdpr_consent=&gdpr_pd=

1 B
949 B

94ms
22ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0785789a-f140-416a-a1e0-a7dfc4090e48&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Thu, 11 Feb 2021 09:19:48 GMT
X-lat: Pug23039:0:388
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0785789a-f140-416a-a1e0-a7dfc4090e48&gdpr=&gdpr_consent=&gdpr_pd=
date: Thu, 11 Feb 2021 09:19:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=HxOP42sJO0GnHYw0spq2&pi=mgid&tc=1

43 B
226 B

68ms
67ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=HxOP42sJO0GnHYw0spq2&pi=mgid&tc=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 80f06453-f77a-4e1e-af6b-f7dc71ccc7fe
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd89db0e1e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcca2c00001e91b43a8000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=HxOP42sJO0GnHYw0spq2&pi=mgid&tc=1
pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT, Thu, 11 Feb 2021 09:19:48 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
623 B 116ms
76ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l1bLHBiJd4j1
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 61fcfd83bdd84c62-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcc65300004c62261da000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=EYWhtXmXkE7Extjdf710WTIP&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=0785789a-f140-416a-a1e0-a7dfc4090e48&gdpr=&gdpr_consent=&us_privacy=

43 B
265 B

67ms
66ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=0785789a-f140-416a-a1e0-a7dfc4090e48&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:49 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 7d04fd9a-751f-40e8-a2d6-df45bee05125
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd8afdbf1e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fccade00001e91c6284000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=0785789a-f140-416a-a1e0-a7dfc4090e48&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 11 Feb 2021 09:19:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=102422c0-3f7c-4655-b958-5c0af250524f&ttl=1615627188

43 B
227 B

84ms
83ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=102422c0-3f7c-4655-b958-5c0af250524f&ttl=1615627188
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: d67da458-f5bd-4878-a322-6154cf3b27f6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd8a2bbd1e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcca5c00001e91fa028000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=102422c0-3f7c-4655-b958-5c0af250524f&ttl=1615627188
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
555 B 109ms
63ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l1bLHBiJd4j1
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 61fcfd83cfc00bfd-AMS
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 0831fcc65900000bfd1eaa1000000001

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
77 B 471ms
471ms XHR
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.26
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 478ms
296ms Other
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.26
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 11 Feb 2021 09:19:48 GMT
server: LiteSpeed

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 228ms
228ms Other
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.26
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 11 Feb 2021 09:19:48 GMT
server: LiteSpeed

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
102 B 305ms
304ms XHR
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:49 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.26
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
44 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-174907544-1&cv=1&v=3&t=t&pid=691998500&rv=230&e=gtm.js&eid=2&u=CAAC&tc=1&tr=5rep&ti=1rep&z=0

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
63 B 12ms
12ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1597678325&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&ul=en-us&de=UTF-8&dt=Untitled%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=933662441&gjid=49214421&cid=845736198.1613035189&tid=UA-137362802-1&_gid=375256245.1613035189&_r=1&gtm=2ou230&z=956904908

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
24 B 12ms
12ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1597678325&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&ul=en-us&de=UTF-8&dt=Untitled%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=1892956247&gjid=80140088&cid=845736198.1613035189&tid=UA-174907544-1&_gid=375256245.1613035189&_r=1&gtm=2ou230&z=567483231

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 41ms
39ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:19:48 GMT

GET
H3-Q050 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 41ms
40ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:19:48 GMT

GET
H3-Q050 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 42ms
41ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:19:48 GMT

GET
H3-Q050 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 41ms
40ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:19:48 GMT

GET
H3-Q050 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 42ms
40ms Image
image/png 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Thu, 11 Feb 2021 09:19:48 GMT

GET
H2 200 c
c.mgid.com/ 43 B
155 B 156ms
156ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=414|107|8|mB4ARl87ngXTlHWTLpvjTR6DBmVBcD8p-htkT7PehW43JYiX4rJepdlDrHEdcg59&fw=1&extjs=66044&v=414|107|8|mB4ARl87ngXTlHWTLpvjTYrqLZS5l3LJFa1nWh5hZnOf1XSnHUnK8jtPl3OwMjWj&v=414|108|8|mB4ARl87ngXTlHWTLpvjTTKXvocw8m23hsCs-rkfkOMKChw5KRE3pMDwQY9WhTEQ&v=414|108|8|mB4ARl87ngXTlHWTLpvjTU9f3wghoXbn9g3DfseEzMoBeoFV9sjf2Ri2z9Zd1GWm&cid=914924&h2=71Qx9xsxXZn9VkabdW_pyzLEnn3-qRAcQl2_4jf7ivw*&rid=48f66402-6c4a-11eb-b699-d094662f8ab5&tt=Direct&iv=11&pageImp=1&muid=l1bLHBiJd4j1&cbuster=1613035188799915449118&tpl=0
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: c75b4b90-38aa-437f-9ad3-eb27e943310b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd8a2bba1e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcca5b00001e91f89be000000001
server: cloudflare

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-137362802-1&cid=845736198.1613035189&jid=933662441&gjid=49214421&_gid=375256245.1613035189&_u=IEBAAUAAAAAAAC~&z=886338563

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Feb 2021 09:19:48 GMT
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 14ms
14ms Other
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 11 Feb 2021 09:19:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 15ms
15ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 41cc8d94bd38359ab4c01627d5dc4283
Date: Thu, 11 Feb 2021 09:19:48 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 52ms
15ms Fetch
application/json 139.45.196.87
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=a3c9a43a0665450abdd9a545db1faa0e&zoneId=3534037&checkDuplicate=true&ymid=&var=

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.87 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4c0329fa80258ea92a5cfa19e276bc7574d698321f70bdd3e22d10ca99ae727c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:48 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
142 B 18ms
17ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-137362802-1&cid=845736198.1613035189&jid=933662441&_u=IEBAAUAAAAAAAC~&z=1747901371

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 66ms
52ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-137362802-1&cid=845736198.1613035189&jid=933662441&_u=IEBAAUAAAAAAAC~&z=1747901371

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c
c.mgid.com/ 43 B
155 B 135ms
134ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=202|219|40|nbZFRYia4tJXbMMNPsyQCiBX2rE1PA_Kyep65uEc9vx60jBlU3KP1QcAbUUXXgh_&fw=1&extjs=66044&v=202|219|8|nbZFRYia4tJXbMMNPsyQCgyTLjJM0opF7GHR6N70-LRRJucaLOSHrErFh4kIlWDL&v=202|219|8|nbZFRYia4tJXbMMNPsyQCuXnmm5Q9Lv3jZG57x1OP0oJRsGUKnsfsAbFg64VckI_&v=202|219|8|nbZFRYia4tJXbMMNPsyQCs1YhRkAEQBsDBsGlTLquUeJkKYhNV4TRdgBLErfBVSZ&cid=997452&h2=71Qx9xsxXZn9VkabdW_pyzLEnn3-qRAcQl2_4jf7ivw*&rid=491ac2f7-6c4a-11eb-9e2e-d094662c24f7&tt=Direct&iv=11&pageImp=0&muid=l1bLHBiJd4j1&cbuster=1613035188850967972575&tpl=0
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:48 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 24c6909c-23b4-40c4-afc5-3dcaa1e8a6f4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd8a5c331e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcca7b00001e91b43b0000000001
server: cloudflare

GET
H/1.1 200
OK defaultSkin.min.js Show response
seeptoag.net/pfe/current/ 56 KB
19 KB 20ms
19ms Fetch
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Feb 2021 09:19:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Feb 2021 09:55:25 GMT
Server: nginx
ETag: W/"601a730d-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame 0E7E 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 15ms
14ms Other
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 11 Feb 2021 09:19:48 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 16ms
15ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: a5eae81f6aa6365df777cc5b1324cffa
Date: Thu, 11 Feb 2021 09:19:48 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 15ms
14ms Other
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 11 Feb 2021 09:19:49 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 15ms
15ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/3wkFHWaVQT

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 12a262a8d65a62b0e11019bb88f10f42
Date: Thu, 11 Feb 2021 09:19:49 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
44 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=UA-174907544-1&cv=1&v=3&t=t&pid=691998500&rv=230&es=1&e=gtm.load&eid=14&u=CAAC&tc=1&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:49 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 220ms
220ms Other
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.26
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 11 Feb 2021 09:19:49 GMT
server: LiteSpeed

POST
H2 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
87 B 1562ms
289ms XHR
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:51 GMT
server: LiteSpeed
access-control-allow-headers: Content-Type
x-powered-by: PHP/7.3.26
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 c
c.mgid.com/ 43 B
257 B 137ms
136ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=90|196|24|nbZFRYia4tJXbMMNPsyQCvObjBsjhnoQoBP3ay6d-eyLWwDkEq1c2ZmPvIuF9BWX&fw=1&extjs=66044&v=90|196|24|nbZFRYia4tJXbMMNPsyQCnrXB2bQYPwMvpgBduYUo9VdCC2evFUrlcRBXTtaG7XQ&cid=997452&h2=71Qx9xsxXZn9VkabdW_pyzLEnn3-qRAcQl2_4jf7ivw*&rid=491ee0b5-6c4a-11eb-bf14-d094662c1c35&tt=Direct&iv=11&pageImp=0&muid=l1bLHBiJd4j1&cbuster=1613035189766480185200&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:49 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6cd50aff-fa83-405d-91b3-a5738e6412f9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 61fcfd9019131e91-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0831fcce0f00001e91b4001000000001
server: cloudflare

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 46ms
14ms Other 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 11 Feb 2021 09:19:50 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
398 B 60ms
29ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Date: Thu, 11 Feb 2021 09:19:50 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

OPTIONS
H2 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 399ms
282ms Other
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H2
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.26
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 11 Feb 2021 09:19:51 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
101 B 277ms
271ms XHR
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:51 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.26
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 3IDfB-HU49_XsNBpf_Qcou_-s58CxC-QqOswBJQNOxF0chvnafCM2EZYVn2mU9HJj0b0dp6irfoJ7YzfJMFVmh1ON6v4H2HfNd5wqmv_mooO3JO937WNFnGp0POnOmhZ1gIDxgenFsnaQdli_hHZxpOaD7cqlM0TgDHWK7iJU9fkpCaOYrEMz2WhLB0=
dutorterraom.com/impression/ 43 B
326 B 50ms
15ms Image
image/gif 139.45.196.93
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dutorterraom.com/impression/3IDfB-HU49_XsNBpf_Qcou_-s58CxC-QqOswBJQNOxF0chvnafCM2EZYVn2mU9HJj0b0dp6irfoJ7YzfJMFVmh1ON6v4H2HfNd5wqmv_mooO3JO937WNFnGp0POnOmhZ1gIDxgenFsnaQdli_hHZxpOaD7cqlM0TgDHWK7iJU9fkpCaOYrEMz2WhLB0=?z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.93 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-trace-id: e0ccf6d7bd19b6723a1aa07cc37700b3
pragma: no-cache
date: Thu, 11 Feb 2021 09:19:56 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 0276441336168.png
littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/ Frame CB39 6 KB
7 KB 11ms
11ms Image
image/png 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/contents/s/2a/a3/91/e7f052d79c0c021ef2fff38db2/0276441336168.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 09:19:56 GMT
cf-cache-status: HIT
age: 2245
content-length: 6498
cf-request-id: 0831fcea2100001e47989ee000000001
last-modified: Fri, 07 Feb 2020 15:37:35 GMT
server: cloudflare
etag: "5e3d843f-1962"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 61fcfdbd08881e47-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 204 3509488 Show response
inpagepush.com/500/ 0
440 B 28ms
28ms XHR
text/plain 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=6762719&oaid=a14787aea8f544f29abcd12552a1847b&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fpaste.co.id%2F3wkFHWaVQT&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 22e970ae612390e651975be2a9fda596
pragma: no-cache
date: Thu, 11 Feb 2021 09:19:57 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 16ms
15ms Other 139.45.196.72
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.196.72 , Ascension Island, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 11 Feb 2021 09:19:57 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
102 B 282ms
281ms XHR
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:58 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.26
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 230ms
229ms Other
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.26
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 11 Feb 2021 09:19:57 GMT
server: LiteSpeed

POST
H3-Q050 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
102 B 241ms
241ms XHR
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:19:59 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.26
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 224ms
224ms Other
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.26
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 11 Feb 2021 09:19:58 GMT
server: LiteSpeed

POST
H2 200 nBAyUxs7QGbhHKnC Show response
arnalyze.net/pixel-track/ 0
109 B 466ms
466ms XHR
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:20:00 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.26
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 252ms
252ms Other
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H3-Q050
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.26
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 11 Feb 2021 09:19:59 GMT
server: LiteSpeed

POST
H2 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ 0
111 B 300ms
300ms XHR
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Requested by: Host: arnalyze.net
URL: https://arnalyze.net/pixel/nBAyUxs7QGbhHKnC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash

Request headers

Referer: https://paste.co.id/3wkFHWaVQT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 09:20:01 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.26
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 nBAyUxs7QGbhHKnC
arnalyze.net/pixel-track/ Frame 0
0 223ms
223ms Other
text/html 2405:4240:1:2::3
TMK-AS-AP PT Tele...

General

Check archive.org

Show headers Download Go to

Full URL: https://arnalyze.net/pixel-track/nBAyUxs7QGbhHKnC
Protocol: H2
Server: 2405:4240:1:2::3 -, , ASN135370 (TMK-AS-AP PT Telematika Mitrakreasi, ID),
Reverse DNS
Software: LiteSpeed / PHP/7.3.26
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-powered-by: PHP/7.3.26
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Thu, 11 Feb 2021 09:20:00 GMT
server: LiteSpeed

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paste.co.id/	1970-01-19 16:03:55	Name: _gat_gtag_UA_137362802_1 Value: 1
.paste.co.id/	1970-01-19 16:03:55	Name: _gat_gtag_UA_174907544_1 Value: 1
.paste.co.id/	1970-01-20 09:35:07	Name: _ga Value: GA1.3.845736198.1613035189
paste.co.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%225I73rKev*%22%7D%2C%22C914924%22%3A%7B%22page%22%3A1%2C%22time%22%3A1613035187546%7D%2C%22C997452%22%3A%7B%22page%22%3A1%2C%22time%22%3A1613035187625%7D%7D
paste.co.id/	1970-01-19 16:04:02	Name: pasteshr_session Value: eyJpdiI6IjZ1WTlqUDRMTWx1V2ptWTBVbGZibnc9PSIsInZhbHVlIjoiV294RG01S2FNM0tVMDRLcXNjZHc5QlNhZHEwWUlZZjFRY3h1RnQ3dHp0OHpUVER6eHpLdTBYNmVtZXdsNGJ1YSIsIm1hYyI6ImY5ZDcwMjcyNTU4MzUxODRkOGFhMDc3YjFhZjFkOGUwMzEzYmM4MDc1MDk3NDc5NmI5OWM4ODMxOTRlZGM3OWIifQ%3D%3D
.paste.co.id/	1970-01-19 16:05:21	Name: _gid Value: GA1.3.375256245.1613035189
paste.co.id/	1970-01-19 16:04:02	Name: XSRF-TOKEN Value: eyJpdiI6IjB4XC93TzAwbHdOZEZOZWREWEdudlhBPT0iLCJ2YWx1ZSI6Ink3OFBLZ2wxVk4wN2J1QTY4WjA5QWhzSG5xMFJlRjhPYUhhYW1EZjlTSnM5c3NSOCs0cDJTZFRreUJlRVZtc0kiLCJtYWMiOiJjMTkzZTUzOWU3OGExMDRjYzcwNTk5ZTk4NGE3NTYwZGYwZTE3YWE3MzljOWUzOWRjYjhjYTEzODFlOTA1MjMzIn0%3D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ams.creativecdn.com
arnalyze.net
bedrapiona.com
berkas.co
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dutorterraom.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
green.erne.co
iclickcdn.com
inpagepush.com
jsc.mgid.com
littlecdn.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
my.rtmark.net
o.wowreality.info
onmarshtompor.com
paste.co.id
s-img.mgid.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
simage2.pubmatic.com
static.lalaping.com
stats.g.doubleclick.net
toglooman.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.qrcoder.co.uk
x.bidswitch.net
104.16.221.74
104.19.133.78
104.19.216.61
109.203.125.88
139.45.195.167
139.45.195.254
139.45.196.209
139.45.196.72
139.45.196.87
139.45.196.93
139.45.197.48
139.45.197.8
142.250.185.130
173.249.18.21
185.184.8.30
185.64.190.80
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:3a
23.37.42.132
2405:4240:1:2::3
2606:4700:10::6816:1874
2606:4700:20::681a:87b
2606:4700:20::681a:c76
2606:4700::6810:135e
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c04::9d
34.246.61.84
35.156.158.150
5.189.137.168
94.23.171.206
061105649a68170ec0c32f8fdcbeea091be65a304098f3c896220d4ab251c5a1
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
0b3e928c0bf59b7e48ad949290f60585d1cbe2f43fe80aa8b560af4c7ff5d159
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
116e11b0e60d3fbee191c04447957deeaac6bc02604b29abefa1bf0b3a7ab3bb
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
153232d7a63e1f452827ba72a1fddd4b964a322ae067c29301c4cede21f0d043
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
21cf7d5414983345b3d5c1147034569482b98e355b02ce419f085935ac405407
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2ac05781d1a4eec5d40e9b668ee97489a3c6adc8104e4f7610ce2f07b02cb2e7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2fb04f90ff1f264f35ed17a2c748377b0a9a7b31abd3537f00053ce48fd2d205
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31db7727102c35cddba7987bbaa137b08eaf9ff7e7bd9a03b6b4daa9ccfe377e
32288afbbd582a50540b8ff709114b8ecc273d16be5364e4e5e0ad9f8904630a
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
416ad5ca4d012266fa88ed4a3941d48cb2638e931a9634b4de9434abf2e7572e
453f9df9106e4568ca9baf1eaf5b4e427db1dd360b2a03c103044c292abf4afc
4c0329fa80258ea92a5cfa19e276bc7574d698321f70bdd3e22d10ca99ae727c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5daad4259f68bcc772ed930cc61d9a4ca65b26f4fc6f14390f87f3d162e3e33a
5ea5a16c6c568ee4e7e0935c48bb53411911f73e24ee7dc7f7ad6f9feb811ce1
5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f51dacdee8bd8ec54a1f90450b98954c322ea13c8efc8682f99caeeaac96f6c
73064e713837f4253032748be12a1ebf69bc97946854460521008e3c4fdbeaed
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bd926d6d570248d95edc9c52fdf5e242823ab3bb383fe38dcf85721402bdce5
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
9021446be5708f0cc01d535420b4b7f2692c813939262aa7bf57889cbe6aa5b7
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
976772d64052b8a91bfc0448e8e5653477618071a4b64758a7f2b4bc7db3d96d
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a8228818bcb7fb0de8785755c0fc687dd0073736e333b36430f1f401c4a54d55
a99fcdcb14d086d4be997f4e643343db10d511bc07439d9cebf2a7c77fda0314
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa26dacced73f4559cbfef850bb5020eb8f5225021ccce2bc54fe4c0645b0bbd
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ac75635ed39dcdc8c915c37dc8bdabd76b96452a2ef424bcd0e316fa08b610dc
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b0a3d1224b3c29f3f96d00e58bd4fcbe177be1208d3e44d7ae40ec2f43ed9df0
b3bf17896b19ccc5536ea62170aa8d8d28e3f89a13d024eeff8e4e88f4cf3676
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b8c3f71afbeeed7e2dd4c4f436a8f1b75b8cc09a9849ef2f842016500d0f4788
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c7f62ba05dc6245204c88c0b20ef0d78bb14f36d23f9531d08710b02d8929299
cf44440b5a5d9f372b338ca5859fa02f7a8997b19bfe709fff0bd40a6d6f7f79
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d50ed89d7bef91de44d84358afd57151f1022cfc0a40e85c48c21e7313012ea2
d6288ae95bae940aa16ee045e4fdaae0a5f074914ac9cac19148bf051fea4613
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
d9c2702d0420ba6e4e78c7d97f28beb8e764fb215a3625e12b3044e24d4a664e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e332d4376f93d507785c0e40ebb393158f9b2177332aea644f8f61c0a22bb7d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e56b63116ab202ceed714b293abc2113659eea150b8537b8d848ca6e55308f63
ea0cb8726787299cf57adacc1a64df97f338eb47442d9a2131f949c684c1475e
ea7f2ca477f401d156ad0c717510e50626344b11f62f17d4f92ffc7e987a5a4c
edd9844fa890c361761b8a06d0051b3fe0eb83a3f317042e6de0abcfa89c10e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6cb2c4c9c079acc6d20bb301334911ce189df64c8db2efb2ea1b99df30f206c
f6cd37b7a2b881dbef06e1c01f3429be87e66bfac29c65ecac06612f2a8638ea
fb948a83c0273180b468b91a1f0d700f9945fe4d1f7e7b5b81e4ce163c3c60d3
fbe28a1b807c1e7e6c98e4c5900817dc26fe9ee04cd549d97c9cdb057003ab78
ff33bb71ebddf644ff2b2b2da49311440572ec957c1675ef2799ec80a884bba6
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

paste.co.id Open in urlscan Pro 5.189.137.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

133 Requests

100 %HTTPS

42 %IPv6

33 Domains

41 Subdomains

32 IPs

10 Countries

1466 kBTransfer

3506 kBSize

7 Cookies

45 Outgoing links

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

100 %
HTTPS

42 %
IPv6

33
Domains

41
Subdomains

32
IPs

10
Countries

1466 kB
Transfer

3506 kB
Size

7
Cookies

133 HTTP transactions
3 data transactions