paste.co.id Open in urlscan Pro
2606:4700:3034::681f:4ec2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste.co.id/F3noLNPmdb
Submission: On September 25 via api (September 25th 2020, 6:58:30 pm UTC) from US

Summary HTTP 134 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 30 IPs in 10 countries across 31 domains to perform 134 HTTP transactions. The main IP is 2606:4700:3034::681f:4ec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is paste.co.id.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 10th 2020. Valid for: a year.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3034::681f:4ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2606:4700::68... 2606:4700::6811:4e6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
5	139.45.196.10 139.45.196.10	9002 (RETN-AS) (RETN-AS)
10	139.45.196.209 139.45.196.209	9002 (RETN-AS) (RETN-AS)
3 39	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.203.125.88 109.203.125.88	31727 (NODE4-AS) (NODE4-AS)
1	173.249.18.21 173.249.18.21	51167 (CONTABO) (CONTABO)
13	103.16.198.218 103.16.198.218	131775 (IDNIC-JAL...) (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta)
2	35.190.91.111 35.190.91.111	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	216.58.205.230 216.58.205.230	15169 (GOOGLE) (GOOGLE)
2	139.45.196.25 139.45.196.25	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1 2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	35.157.226.135 35.157.226.135	16509 (AMAZON-02) (AMAZON-02)
2 2	18.197.99.6 18.197.99.6	16509 (AMAZON-02) (AMAZON-02)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1	23.105.245.4 23.105.245.4	7979 (SERVERS-COM) (SERVERS-COM)
1 1	99.86.243.97 99.86.243.97	16509 (AMAZON-02) (AMAZON-02)
2 2	54.229.128.207 54.229.128.207	16509 (AMAZON-02) (AMAZON-02)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	139.45.196.40 139.45.196.40	9002 (RETN-AS) (RETN-AS)
1	104.19.139.80 104.19.139.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
134	30

19 2606:4700:3034::681f:4ec2 (United States)

ASN13335 (CLOUDFLARENET, US)

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:4e6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.196.10 (Ascension Island)

ASN9002 (RETN-AS, EU)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.209 (Ascension Island)

ASN9002 (RETN-AS, EU)

seeptoag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 104.19.136.78 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.125.88 (Salford, United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: euk-88894.eukservers.com

www.qrcoder.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.249.18.21 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: berkas.co

berkas.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 103.16.198.218 (Indonesia)

ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID)
PTR: ip-103.16.198.218.rhzahra.com

analytics.rhzahra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.111 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 111.91.190.35.bc.googleusercontent.com

lovelydrum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f230.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.196.25 (Ascension Island)

ASN9002 (RETN-AS, EU)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.157.226.135 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-226-135.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.99.6 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-99-6.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.4 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.97 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-97.vie50.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.128.207 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-128-207.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.40 (Ascension Island)

ASN9002 (RETN-AS, EU)

onstunkyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.139.80 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	mgid.com 3 redirects jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com c.mgid.com	575 KB
19	paste.co.id paste.co.id	455 KB
13	rhzahra.com analytics.rhzahra.com	13 KB
10	seeptoag.net seeptoag.net	92 KB
7	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	144 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	doubleclick.net 1 redirects ad.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	2 KB
5	gstatic.com fonts.gstatic.com	49 KB
5	inpagepush.com inpagepush.com	28 KB
4	cloudflare.com cdnjs.cloudflare.com	50 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	googletagmanager.com www.googletagmanager.com	108 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adsrvr.org 2 redirects match.adsrvr.org	904 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	730 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	google.de www.google.de adservice.google.de	1 KB
2	google.com www.google.com adservice.google.com	1 KB
2	rtmark.net my.rtmark.net	2 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	lovelydrum.com lovelydrum.com	30 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	steepto.com s-img.steepto.com	6 KB
1	onstunkyr.com onstunkyr.com	482 B
1	googletagservices.com www.googletagservices.com	27 KB
1	idealmedia.io cm.idealmedia.io	556 B
1	smadex.com 1 redirects cm.smadex.com	526 B
1	lentainform.com cm.lentainform.com	328 B
1	berkas.co berkas.co	4 KB
1	qrcoder.co.uk www.qrcoder.co.uk	672 B
134	31

	Domain	Requested by
19	s-img.mgid.com	paste.co.id
19	paste.co.id	paste.co.id cdnjs.cloudflare.com
13	analytics.rhzahra.com	paste.co.id analytics.rhzahra.com
10	seeptoag.net	paste.co.id seeptoag.net
6	cm.mgid.com	jsc.mgid.com paste.co.id
5	c.mgid.com	3 redirects
5	x.bidswitch.net	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com
5	inpagepush.com	paste.co.id inpagepush.com
4	pagead2.googlesyndication.com	paste.co.id pagead2.googlesyndication.com
4	servicer.mgid.com	jsc.mgid.com
4	jsc.mgid.com	paste.co.id
4	cdnjs.cloudflare.com	paste.co.id
3	tpc.googlesyndication.com	lovelydrum.com pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	paste.co.id www.googletagmanager.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	match.adsrvr.org	2 redirects
2	ups.analytics.yahoo.com	1 redirects paste.co.id
2	pixel.advertising.com	2 redirects
2	my.rtmark.net	inpagepush.com paste.co.id
2	fonts.googleapis.com	paste.co.id
2	lovelydrum.com	paste.co.id lovelydrum.com
2	maxcdn.bootstrapcdn.com	paste.co.id maxcdn.bootstrapcdn.com
1	s-img.steepto.com
1	onstunkyr.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cm.g.doubleclick.net	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	cm.idealmedia.io	paste.co.id
1	cm.smadex.com	1 redirects
1	cm.lentainform.com	paste.co.id
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	www.google.de	paste.co.id
1	www.google.com	paste.co.id
1	stats.g.doubleclick.net	www.google-analytics.com
1	ad.doubleclick.net	lovelydrum.com
1	cdn.mgid.com	paste.co.id
1	berkas.co	paste.co.id
1	www.qrcoder.co.uk	paste.co.id
134	44

This site contains links to these domains. Also see Links.

Domain
cookie-consent.app.forthe.top
widgets.mgid.com
www.mgid.com
pastelink.net
pasteshr.com
paiza.io
pasteio.com
paste.ofcode.org
www.avis.ne.jp
paste.ee
slexy.org
pastebin.com
paste2.org
bpa.st
notes.io
0paste.com
www.textsnip.com
ideone.com
bitbin.it
berkas.co

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-10` - `2021-07-10`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
seeptoag.net Let's Encrypt Authority X3	`2020-07-07` - `2020-10-05`	3 months	crt.sh
qrcoder.co.uk cPanel, Inc. Certification Authority	`2020-07-29` - `2020-10-27`	3 months	crt.sh
berkas.co Let's Encrypt Authority X3	`2020-07-12` - `2020-10-10`	3 months	crt.sh
analytics.rhzahra.com Let's Encrypt Authority X3	`2020-09-09` - `2020-12-08`	3 months	crt.sh
lovelydrum.com Let's Encrypt Authority X3	`2020-09-04` - `2020-12-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-08-28` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-05-27` - `2020-11-23`	6 months	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
onstunkyr.com Let's Encrypt Authority X3	`2020-07-15` - `2020-10-13`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://paste.co.id/F3noLNPmdb
Frame ID: E9594F5BD0AA11F4ADDD63474EE0C243
Requests: 118 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 127898D21F26EE104E3D1770DB974CDE
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1601060293395104069863
Frame ID: C19714CA0DE4D3A89EBF89084CE69707
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 900CCAA9FE0CD1D0FA3C194F4D8376B1
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: BB8D550C2CC25352A1BB79DFF65B1406
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200923/r20190131/zrt_lookup.html
Frame ID: FF74EF4D5911DAA6808A2534D9182EBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1601060294&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&tp=site_kit&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&ea=0&flash=0&pra=5&wgl=1&dt=1601060294159&bpp=14&bdt=2674&idt=114&shv=r20200923&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4266856166520&frm=20&pv=2&ga_vid=429436922.1601060293&ga_sid=1601060294&ga_hid=1355587482&ga_fc=0&iag=0&icsg=3377710458195906&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067105&oid=3&pvsid=204092714234588&pem=793&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=131
Frame ID: 914B068D86AF208B220401D6B69E7A42
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: 743C7C6A38603C2CE93680B54F8A4B38
Requests: 1 HTTP requests in this frame

Frame: https://s-img.mgid.com/g/3885456/328x328/0x0x908x605/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc%2A.webp
Frame ID: 6910742CF4E92D0DD1DA3B4B23B5BA79
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

134
Requests

97 %
HTTPS

40 %
IPv6

31
Domains

44
Subdomains

30
IPs

10
Countries

1692 kB
Transfer

4351 kB
Size

5
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://cookie-consent.app.forthe.top/why-websites-use-cookies/
Title: Learn More

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997452

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097654/i/57333099/0/pp/1/1?h=6lwBp5nk1fkvx9hoT6CIpZEmpB303RJ0p8Zuo7LBwuyePfyB9UFhuy6d5hW9YHyC&rid=0f916b72-ff61-11ea-8173-d094662c24f7&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pczAm8hIWb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5523127/i/57333099/0/pp/2/1?h=6lwBp5nk1fkvx9hoT6CIpeKP0iK0gWUEspqSOMXzkjaZLz6GWDR3Xel-hYePd80a&rid=0f916b72-ff61-11ea-8173-d094662c24f7&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pczAm8hIWb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4003649/i/57333099/0/pp/3/1?h=6lwBp5nk1fkvx9hoT6CIpdRsnGcRImhvAopri2DnTobkCksNapOlnVUwoAMG8ymK&rid=0f916b72-ff61-11ea-8173-d094662c24f7&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pczAm8hIWb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805532/i/57333099/0/pp/4/1?h=6lwBp5nk1fkvx9hoT6CIpWcwJiBQLEsgmplmOR-32w4HVVQOxEbvb6wLLSDNhrwd&rid=0f916b72-ff61-11ea-8173-d094662c24f7&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pczAm8hIWb

Search URL Search Domain Scan URL

URL: https://pastelink.net/1u3gz
Title: https://pastelink.net/1u3gz

Search URL Search Domain Scan URL

URL: https://pasteshr.com/lz6VRPPHGR
Title: https://pasteshr.com/lz6VRPPHGR

Search URL Search Domain Scan URL

URL: https://paiza.io/projects/_tPzda0wLZKyZ9ACczFUEA?language=php
Title: https://paiza.io/projects/_tPzda0wLZKyZ9ACczFUEA?language=php

Search URL Search Domain Scan URL

URL: https://pasteio.com/xIE6v7vxmCVC
Title: https://pasteio.com/xIE6v7vxmCVC

Search URL Search Domain Scan URL

URL: https://paste.ofcode.org/YNTRcw84FG4sPysA6gELF9
Title: https://paste.ofcode.org/YNTRcw84FG4sPysA6gELF9

Search URL Search Domain Scan URL

URL: http://www.avis.ne.jp/cgi-usr/pasoken_bbs.cgi?cmd=regist
Title: http://www.avis.ne.jp/cgi-usr/pasoken_bbs.cgi?cmd=regist

Search URL Search Domain Scan URL

URL: https://paste.ee/p/VUkK7
Title: https://paste.ee/p/VUkK7

Search URL Search Domain Scan URL

URL: https://slexy.org/view/s2eQRkEqHg
Title: https://slexy.org/view/s2eQRkEqHg

Search URL Search Domain Scan URL

URL: https://pastebin.com/DGrKJMvJ
Title: https://pastebin.com/DGrKJMvJ

Search URL Search Domain Scan URL

URL: https://paste2.org/UPtK2Nj7
Title: https://paste2.org/UPtK2Nj7

Search URL Search Domain Scan URL

URL: https://bpa.st/UFRA
Title: https://bpa.st/UFRA

Search URL Search Domain Scan URL

URL: https://notes.io/9TnT
Title: https://notes.io/9TnT

Search URL Search Domain Scan URL

URL: https://0paste.com/76588
Title: https://0paste.com/76588

Search URL Search Domain Scan URL

URL: http://www.textsnip.com/9ynex6
Title: http://www.textsnip.com/9ynex6

Search URL Search Domain Scan URL

URL: https://ideone.com/KeaGy7
Title: https://ideone.com/KeaGy7

Search URL Search Domain Scan URL

URL: https://bitbin.it/ILcPyzt4/
Title: https://bitbin.it/ILcPyzt4/

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=914924

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6288128/i/126987/0/pp/1/1?h=E27ZnC1hCShRmYHccbosFCWRMIyTNNAUKGA9XE6aD5tPt_sk2SgD14Rh1opdluk_&rid=0f858468-ff61-11ea-862d-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pczAm8hIWb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805572/i/126987/0/pp/2/1?h=E27ZnC1hCShRmYHccbosFNe6ATe2_4FvkjOZV_oOh3v83EocEzlagZarkTlnWrdd&rid=0f858468-ff61-11ea-862d-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pczAm8hIWb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4409132/i/126987/0/pp/3/1?h=E27ZnC1hCShRmYHccbosFJ9f_FiFYXbjQXn--kMuCv0t0wv9olMevNWuimst8WzI&rid=0f858468-ff61-11ea-862d-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pczAm8hIWb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3959825/i/126987/0/pp/4/1?h=E27ZnC1hCShRmYHccbosFLQYWaL4wYR6l6WYzCjOYICm3HrGWg__nOoWQ6RhG0nv&rid=0f858468-ff61-11ea-862d-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pczAm8hIWb

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997454

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5097644/i/57333101/0/pp/1/1?h=hR2pQ1HA3X67lVrkWZIeMT8QVTxtJW7yobEPDNCNhjg4pR1wOMs0uGxfM0oxANeP&rid=0f8ca5a4-ff61-11ea-8173-d094662c24f7&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pc0zpf2DWb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4023132/i/57333101/0/pp/2/1?h=hR2pQ1HA3X67lVrkWZIeMZCrfGyJ59--9vO_e_ct08Bjdgx2XiinJeQ1to5pGR58&rid=0f8ca5a4-ff61-11ea-8173-d094662c24f7&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pc0zpf2DWb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805463/i/57333101/0/pp/3/1?h=hR2pQ1HA3X67lVrkWZIeMWhlYpEQkMacZr6PSGMczq3xRm68i2GaZjixV4sfzxBX&rid=0f8ca5a4-ff61-11ea-8173-d094662c24f7&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pc0zpf2DWb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3859212/i/57333101/0/pp/4/1?h=hR2pQ1HA3X67lVrkWZIeMRIBhbiA5CLe0rwPDynVRqKoJfRFnqk2Und45nn42OKo&rid=0f8ca5a4-ff61-11ea-8173-d094662c24f7&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pc0zpf2DWb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6288128/i/57333101/0/pp/5/1?h=hR2pQ1HA3X67lVrkWZIeMSWRMIyTNNAUKGA9XE6aD5smMVG7xeAIMdTqaRim5aH6&rid=0f8ca5a4-ff61-11ea-8173-d094662c24f7&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pc0zpf2DWb

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4060552/i/57333101/0/pp/6/1?h=hR2pQ1HA3X67lVrkWZIeMWmM7yMNq69aF31NtXn7QiFyvwA5Qy-lTVKUcupluA-_&rid=0f8ca5a4-ff61-11ea-8173-d094662c24f7&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61&muid=k8pc0zpf2DWb

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997457

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5523139/i/57333104/0/pp/1/1?h=jATqVfe1mBX_lQAN3WhoCX8vHJ7iiG0B-alCPuORMvzF7LdRrcxNxYpf_73_AFDV&rid=0f7ef238-ff61-11ea-862d-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805572/i/57333104/0/pp/2/1?h=jATqVfe1mBX_lQAN3WhoCde6ATe2_4FvkjOZV_oOh3vXGbQ5s_xH_ZAgjOskwPkp&rid=0f7ef238-ff61-11ea-862d-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4060561/i/57333104/0/pp/3/1?h=jATqVfe1mBX_lQAN3WhoCXUtjbUZwIzB8A1f6v-UumfWotM5XpnVcOln9RZX4LyG&rid=0f7ef238-ff61-11ea-862d-d094662f8ab5&tt=Direct&cpm=1&iv=11&fp=c96b83a4fc91b6fa84345d54b8141b61

Search URL Search Domain Scan URL

URL: https://berkas.co/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 90

https://x.bidswitch.net/sync?dsp_id=303&user_id=k8pc0zpf2DWb HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k8pc0zpf2DWb HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=4ba11a45-e1f5-4330-a16d-5edc476a4b21&_origin=1&gdpr=&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=4ba11a45-e1f5-4330-a16d-5edc476a4b21&_origin=1&gdpr=&gdpr_consent=&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=4ba11a45-e1f5-4330-a16d-5edc476a4b21&_origin=1&gdpr=&gdpr_consent=&apid=UP104a8059-ff61-11ea-9033-062f8d100868 HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=4ba11a45-e1f5-4330-a16d-5edc476a4b21&_origin=1&gdpr=&gdpr_consent=&apid=UP104a8059-ff61-11ea-9033-062f8d100868&verify=true

Request Chain 92

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=4ba11a45-e1f5-4330-a16d-5edc476a4b21 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=f3296a3a-4176-42e3-bfa4-0e10f8e62a2d&expires=10&ssp=mgid&bsw_param=4ba11a45-e1f5-4330-a16d-5edc476a4b21 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=4ba11a45-e1f5-4330-a16d-5edc476a4b21&gdpr=&gdpr_consent=&us_privacy=

Request Chain 93

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=b3ce39e8-2a5a-428e-989d-a9a37a797e51&ttl=1603652293

Request Chain 95

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=zuu0WI7WoOs5JRaytSJn&pi=mgid&tc=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azhwYzB6cGYyRFdi&muidn=k8pc0zpf2DWb HTTP 302
https://cm.mgid.com/google?muidn=k8pc0zpf2DWb&google_ula={guid},5&google_gid=CAESEPlLLXZdH9ZyJOKltOZjg_U&google_cver=1

Request Chain 104

https://c.mgid.com/c?pv=2&v=0|0|0|vQ80wMyiqg4rRuNYXDav6i5lOvW0O2AKwiRTcQAj4CaPQp7RKGXfljy0MSaTam70&cid=218581&f=1&h2=Rc8X-LhO-VoTw7Wdsqs1hJjTTID0YbOXxhOebYXuIZk*&rid=z3509488zb5295256bcDKcp2ph2020092513h&psid=1_3509488&cp=154&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzM4ODU0NTYvMzI4eDMyOC8weDB4OTA4eDYwNS9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01Ua3RNRGN2TVRBeE9USTBMemhpWldNNFl6UTNZamhtTW1VMVltWmlOek0zTTJWaU5EaGhPR0k0T0dSakxtcHdaV2MqLndlYnA= HTTP 301
https://s-img.mgid.com/g/3885456/328x328/0x0x908x605/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc%2A.webp

Request Chain 126

https://c.mgid.com/c?pv=2&v=0|0|0|vQ80wMyiqg4rRuNYXDav6i5lOvW0O2AKwiRTcQAj4CaPQp7RKGXfljy0MSaTam70&cid=218581&f=1&h2=Rc8X-LhO-VoTw7Wdsqs1hJjTTID0YbOXxhOebYXuIZk*&rid=z3509488zb5295256bcDKcp2ph2020092513h&psid=1_3509488&cp=154&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzM4ODU0NTYvMzI4eDMyOC8weDB4OTA4eDYwNS9hSFIwY0RvdkwybHRaMmh2YzNSekxtTnZiUzkwTHpJd01Ua3RNRGN2TVRBeE9USTBMemhpWldNNFl6UTNZamhtTW1VMVltWmlOek0zTTJWaU5EaGhPR0k0T0dSakxtcHdaV2MqLndlYnA= HTTP 301
https://s-img.mgid.com/g/3885456/328x328/0x0x908x605/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc%2A.webp

Request Chain 131

https://c.mgid.com/c?pv=2&v=0|0|0|3K0FFsoK_N21OPr99mF92zJu2eyM8k1qYuhpUYDlMr-IjNdGXhJC-Dp0TViV-Ncn&cid=949756&f=1&h2=Rc8X-LhO-VoTw7Wdsqs1hJjTTID0YbOXxhOebYXuIZk*&rid=z3509488zb6445615bcDKcp2ph2020092513h&psid=3509488&cp=154&iub=aHR0cHM6Ly9zLWltZy5zdGVlcHRvLmNvbS9nLzM4MDU0ODQvMzI4eDMyOC8weDE2NHgyMDQ2eDEzNjQvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MFpXMXdMekl3TVRjdE1EWXRNakF2TVRBeE9USTBMMkl4WWpaaE5qTXhOek15WlRNek56STBaVEV6WWpOa05tVmlORFJoT1dNd0xtcHdaejkwUFRFME9UYzVPRFF6T1RBM01UVSoud2VicA== HTTP 301
https://s-img.steepto.com/g/3805484/328x328/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU%2A.webp

134 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request F3noLNPmdb Show response
paste.co.id/ 80 KB
23 KB 9504ms
9478ms Document
text/html 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.22 PleskLin
Resource Hash: bcd46836035cee8b827d5ba8387c104f0b84945e237a65c3e94d928fa1f6d57e

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /F3noLNPmdb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 25 Sep 2020 18:58:11 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7dfa4ef1bedac20d8afc17bdd1af1c3c1601060282; expires=Sun, 25-Oct-20 18:58:02 GMT; path=/; domain=.paste.co.id; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6ImdEaDRIZ1lYWVwvODVPbEZHOVlaUnZRPT0iLCJ2YWx1ZSI6ImRmU2dxdjJET3FwTWpyNG5VaWdENWJEWElyam5NakJLa1wvNW16S0duMG9IVzNLaDJrWGF5eXRKMVRKczhDTkhVIiwibWFjIjoiODc3MmYyYWUwNGVhYWE4YjYxYmRjMjY0ZThhODk3YjVjMTNhOGZkNTcwMzBlN2I4ZjliMDc4ZTY4OWU3ZDE1NiJ9; expires=Fri, 25-Sep-2020 20:58:11 GMT; Max-Age=7200; path=/ pasteshr_session=eyJpdiI6Im02Y3VXQStjK3RFa1dNNW1IK2RIQUE9PSIsInZhbHVlIjoiRGJHYVRmbE9haTNUNWM5Z3g3TWpNV2cwOFlCenh2bDlJVWZTXC91Q3l6ZTJSdXBnaHJYOTQrMzR5Qnc4VjREZGYiLCJtYWMiOiIwYWUyYjYxMzQwZTE3MmRjYWNiNDEwNGQ5MmE2MTZkOTc1NmU1OTdmMzZjZmJiODg0NThiNzhiM2Y1NTQxMWJiIn0%3D; expires=Fri, 25-Sep-2020 20:58:11 GMT; Max-Age=7200; path=/; httponly
vary: Accept-Encoding
x-powered-by: PHP/7.3.22 PleskLin
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
cf-cache-status: DYNAMIC
cf-request-id: 05683a369400001f35c93a3200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d86f96a8cb61f35-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js Show response
paste.co.id/cdn-cgi/apps/head/ 15 KB
5 KB 18ms
16ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 748851c4d2e38c4f7587afb6b6e54dfc26e7329018d27911115f1840e251d4a8

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 104635
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 002FD69A3193EF01
x-amz-id-2: tQV2KULaRWnd3DQQdBNUNp+hR09mpQ2UJfSam8BYlfSL8xeLBidYerMumJYnzcYDI/VpaUz1mtI=
last-modified: Thu, 09 Apr 2020 07:01:53 GMT
server: cloudflare
etag: W/"b41983019dc124823e0cbe364e0a102d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: FzzEO.YKJ_vU2aF7romPpg.vx2TIcrhF
cf-request-id: 05683a5ba200001f35c927f200000001
cf-ray: 5d86f9a5d8d81f35-FRA

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 24ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 bootstrap.min.css
paste.co.id/css/ 138 KB
19 KB 68ms
66ms Stylesheet
text/css 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"22688-5ac747a546840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-ray: 5d86f9a5d8cc1f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5ba200001f35c927a200000001

GET
H2 200 mdb.min.css
paste.co.id/css/ 226 KB
23 KB 85ms
83ms Stylesheet
text/css 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"38940-5ac747a548780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-ray: 5d86f9a5d8cf1f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5ba200001f35c927b200000001

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 32ms
16ms Stylesheet
text/css 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1972743
content-security-policy-report-only: default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=5d86f9a5ee16d6e5
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
cf-request-id: 05683a5bb40000d6e506305200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d86f9a5ee16d6e5-FRA
expires: Wed, 15 Sep 2021 18:58:11 GMT

GET
H2 200 special.min.css
paste.co.id/css/skins/ 3 KB
878 B 73ms
72ms Stylesheet
text/css 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/skins/special.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"bab-5ac747a548f50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-ray: 5d86f9a5d8d01f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5ba200001f35c927c200000001

GET
H2 200 app.min.css
paste.co.id/css/ 648 B
347 B 53ms
52ms Stylesheet
text/css 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/app.min.css?v=1.2
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"288-5ac747a548f50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cf-ray: 5d86f9a5d8d31f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5ba200001f35c927d200000001

GET
H2 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 9 KB
2 KB 18ms
17ms Stylesheet
text/css 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 56e69505309ad13371b84dc4c0b215e3ec23919f59c5e61b6ed1add33d28a74b

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 3218
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5ba200001f35c927e200000001
last-modified: Sun, 09 Aug 2020 16:39:13 GMT
server: cloudflare
etag: W/"326d-5ac747a631614"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-polished: origSize=12909
cf-ray: 5d86f9a5d8d71f35-FRA
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 54ms
32ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07476b5c3ce3d3558b34a4b7f07912679b7666fb308aa0d7268245a53797346d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36405
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Sep 2020 18:58:11 GMT

GET
H/1.1 200
OK 3509488 Show response
inpagepush.com/400/ 68 KB
24 KB 208ms
74ms Script
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3509488

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

59c86e1031ece495bd0819e1d5791c91fa67d5008b18fc92647b87ef1630ca26

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 8632c03a41219436edb606336419b80a
Pragma: no-cache
Date: Fri, 25 Sep 2020 18:58:11 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK ntfc.php Show response
seeptoag.net/ 40 KB
12 KB 133ms
45ms Script
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/ntfc.php?p=3534037
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 491512bb0496e53007b2c98044d50a78b08391efdfc87a8910de29cc4c0858cb

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Sep 2020 18:58:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Sep 2020 10:41:35 GMT
Server: nginx
ETag: W/"5f633d5f-9f0a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 85ms
83ms Image
image/png 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/img/default-avatar.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: "1b2d-5ac747a5eb4fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 5d86f9a6bac91f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6957
cf-request-id: 05683a5c2e00001f35c928e200000001

GET
H2 200 paste.co.id.997452.js Show response
jsc.mgid.com/p/a/ 272 KB
76 KB 182ms
138ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4bfcf53349fb8feb7179cdf1d97655a5f5b8cedaf2c7b5fca235c800cb2090d

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 77F02272FF75AD89
cf-polished: origSize=279030
status: 200
last-modified: Thu, 17 Sep 2020 16:18:03 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: evHgw/InIdtRN3kAKvhxys+b/pFj64gH3PjUx8dURbfumqPOK8rvNO3OLgaPS2ZkvVoVK6xBxek=
cf-bgj: minify
server: cloudflare
etag: W/"f0b906f44d63d494b188b23ff3c527cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 05683a5c6000007383959e8200000001
cf-ray: 5d86f9a70d517383-CPH
expires: Fri, 25 Sep 2020 19:58:11 GMT

GET
H2 200 paste.co.id.914924.js Show response
jsc.mgid.com/p/a/ 272 KB
76 KB 149ms
106ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33ffcdb3f85341c72b342998172e37225f57b07d550010e7c6eb71cc911328bc

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 7Q6R5R8X5K5Z0Z8W
cf-polished: origSize=278161
status: 200
last-modified: Thu, 17 Sep 2020 14:21:43 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: i3ci98msP6LMmzE0KnnQGUCl8npE3HYCWJISqisjVvO9C3i/J3HuAzVhVifcnNsFZDje1hwpzeU=
cf-bgj: minify
server: cloudflare
etag: W/"920811e185793ee3375c38d829851715"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 05683a5c6000007383959e9200000001
cf-ray: 5d86f9a70d557383-CPH
expires: Fri, 25 Sep 2020 19:58:11 GMT

GET
H2 200 paste.co.id.997454.js Show response
jsc.mgid.com/p/a/ 273 KB
76 KB 171ms
127ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997454.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c64875d5e62355564acbbe6ce89234e31456c9800dc02bd41e3903c6b6ba0e4d

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 054A8D600C09F203
cf-polished: origSize=279702
status: 200
last-modified: Thu, 17 Sep 2020 16:23:17 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: llwEZBroMlaQeTJWUOAT9GKt5upS5fT+DwiB5sX6t7yjqlotwq4C25KPBJ+PMImIMp4IRQrtqCU=
cf-bgj: minify
server: cloudflare
etag: W/"e5b4767965f562844b5f19be1057051b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 05683a5c6000007383959ea200000001
cf-ray: 5d86f9a70d587383-CPH
expires: Fri, 25 Sep 2020 19:58:11 GMT

GET
H2 200 paste.co.id.997457.js Show response
jsc.mgid.com/p/a/ 273 KB
76 KB 105ms
61ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997457.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b76fe130b958529e2caa848e498a3b19f61349813a67d8045a03ed43063dc060

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: D774B2DA2F888F74
cf-polished: origSize=279670
status: 200
last-modified: Thu, 17 Sep 2020 16:13:28 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: niQ/80lDDeP206yNFENjHCwm2Z8v7wQRQchHVSL7p0Gu2E3NNhVWuUcyDhymLlUuXzDRyGzSITE=
cf-bgj: minify
server: cloudflare
etag: W/"389967501c6452a6bbdc5d86bd821438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cf-request-id: 05683a5c6000007383959eb200000001
cf-ray: 5d86f9a70d5a7383-CPH
expires: Fri, 25 Sep 2020 19:58:11 GMT

GET
H/1.1 200
OK /
www.qrcoder.co.uk/api/v1/ 392 B
672 B 288ms
120ms Image
image/png 109.203.125.88
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 109.203.125.88 Salford, United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS: euk-88894.eukservers.com
Software: Apache /
Resource Hash: f2d2fff7330777865db60662cacd85824bc584202657102ce7f2ee4337f09411

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Sep 2020 18:58:10 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H/1.1 200
OK logo.png
berkas.co/ds1/img/ 4 KB
4 KB 210ms
75ms Image
image/png 173.249.18.21
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://berkas.co/ds1/img/logo.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.249.18.21 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: berkas.co
Software: nginx/1.16.1 / RHZ SECURITY
Resource Hash: 5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 18:58:11 GMT
ETag: "e5e-5a81d91e86dc0"
Last-Modified: Mon, 15 Jun 2020 11:17:19 GMT
Server: nginx/1.16.1
X-Powered-By: RHZ SECURITY
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3678

GET
H2 200 email-decode.min.js Show response
paste.co.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
858 B 7ms
7ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paste.co.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 14 Sep 2020 19:48:52 GMT
server: cloudflare
etag: W/"5f5fc924-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5d86f9a649f51f35-FRA
cf-request-id: 05683a5bec00001f35c9284200000001
expires: Sun, 27 Sep 2020 18:58:11 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
29 KB 22ms
22ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":31536000,"success_fraction":0.01,"include_subdomains":true,"response_headers":["cf-ray"]}
age: 1442159
cf-ray: 5d86f9a65ed7d6e5-FRA
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5bf40000d6e506309200000001
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
etag: W/"5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","max_age":31536000,"endpoints":[{"url":"https://gcp.nel.cloudflare.com/report?lkg-colo=fra&lkg-time=1601060291&lkg-ip=2a01:4f8:192:5414::2","weight":10}],"include_subdomains":true}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
expires: Wed, 15 Sep 2021 18:58:11 GMT

GET
H2 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 82ms
82ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"c75f-5ac747a6131b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5d86f9a65a161f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5bf700001f35c9287200000001

GET
H2 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
60 KB 94ms
90ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"331d6-5ac747a612dcb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5d86f9a6aac31f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5c2d00001f35c928a200000001

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
15 KB 18ms
14ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 66421
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15668
cf-request-id: 05683a5c2d0000d6e506316200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
etag: "5eb03fcb-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d86f9a6af95d6e5-FRA
expires: Wed, 15 Sep 2021 18:58:11 GMT

GET
H2 200 ads.js Show response
paste.co.id/js/ 22 B
334 B 64ms
61ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/ads.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-powered-by: PleskLin
status: 200
cf-int-pingora-origin-digest: {"ext_ip":"162.158.94.128","ext_port":26302,"upstream_rtt":8,"upstream_reused":false,"cipher":"ECDHE-RSA-AES128-GCM-SHA256","tls_version":"TLSv1.2","cert_digest":"DVU9OgSIeLxpH5nf4OPiWRNPAcTkD46hkbF/fXrbNuk","http_version":2}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5c2d00001f35c928b200000001
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
etag: W/"16-5ac747a6131b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 5d86f9a6aac41f35-FRA
cf-bgj: minify

GET
H2 200 app.min.js Show response
paste.co.id/js/ 1 KB
752 B 70ms
67ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/app.min.js?v=1.5
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: W/"5b0-5ac747a6125fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5d86f9a6aac71f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5c2d00001f35c928c200000001

GET
H2 200 prism.js Show response
paste.co.id/plugins/prismjs/ 327 KB
113 KB 37ms
34ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7fb176a5a03a77422ae9f0180501ff1def1dbb2d80888d72f86642d9b575437f

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 3218
x-powered-by: PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5c2d00001f35c928d200000001
last-modified: Sun, 09 Aug 2020 16:39:13 GMT
server: cloudflare
etag: W/"521a1-5ac747a630e44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-polished: origSize=336289
cf-ray: 5d86f9a6aac81f35-FRA
cf-bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 54ms
33ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a8c15698878e43b6389e8d6350a372280ef38ec057d1e2ab5654dcd756d378d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36406
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Sep 2020 18:58:11 GMT

GET
H2 200 Rz2da77UT0usLVxL Show response
analytics.rhzahra.com/pixel/ 37 KB
12 KB 640ms
224ms Script
application/javascript 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel/Rz2da77UT0usLVxL
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash: 4f54d42de3def75b2bda96fb39e07b143628a4127a39694935f715bb737665ab

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: cache
date: Fri, 25 Sep 2020 18:58:12 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.21
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=300
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
expires: Fri, 25 Sep 2020 19:03:12 GMT

GET
H2 200 99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add Show response
lovelydrum.com/ 94 KB
29 KB 357ms
261ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Requested by

Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

be3e14591f5ac2a5f6f908ce2b44145f85ad56a5581d6ab933ae96e49405cd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "5618dd7349cae6f18812f8829b2929fdfb9bc1dbc2f071d4a08e9afad580aecf"
vary: Accept-Encoding, Accept-Language
x-hostname: urban
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Fri, 25 Sep 2020 18:58:12 GMT
timing-allow-origin: *

GET
H2 200 ODDUj0AVpwTFCkac0C-t0V4Mg-4.js Show response
paste.co.id/cdn-cgi/apps/body/ 150 KB
42 KB 27ms
26ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/cdn-cgi/apps/body/ODDUj0AVpwTFCkac0C-t0V4Mg-4.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/cdn-cgi/apps/head/2yqJvyfZ1Uh-2lN7LZ_VejZFsEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c84459f0c92349eac14ab94fa19f3dace511b376e32e84cf3b41e96a67730ff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 447622
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2E21344D9273CC35
x-amz-id-2: ozmOTpdw8+R0jXtzrQBC4g6WahvHGHEJFrkEMwD6F+hl/7uV9/2iN9NwYN7PaaHaJ0Hu9x1RC1k=
last-modified: Thu, 09 Apr 2020 07:01:53 GMT
server: cloudflare
etag: W/"a204e0ca2fbab92074b1b60e5111cc70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: jjfCmrRnJA2UeSB7s0B3k.91AXU7Ac5O
cf-request-id: 05683a5c2e00001f35c928f200000001
cf-ray: 5d86f9a6baca1f35-FRA

GET
H2 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 88ms
87ms Font
application/octet-stream 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
cf-cache-status: MISS
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: "c0e4-5ac747a5a2501"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 200
accept-ranges: bytes
cf-ray: 5d86f9a6bacc1f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49380
cf-request-id: 05683a5c2e00001f35c9290200000001

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 22ms
7ms Font
font/woff2 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://paste.co.id
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 67ms
66ms Font
application/octet-stream 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
cf-cache-status: MISS
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: "c054-5ac747a5a05c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 200
accept-ranges: bytes
cf-ray: 5d86f9a6bacd1f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49236
cf-request-id: 05683a5c2e00001f35c9291200000001

GET
H2 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 86ms
86ms Font
application/octet-stream 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:11 GMT
cf-cache-status: MISS
last-modified: Sun, 09 Aug 2020 16:39:12 GMT
server: cloudflare
x-powered-by: PleskLin
etag: "c338-5ac747a5a09a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 200
accept-ranges: bytes
cf-ray: 5d86f9a6fb391f35-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49976
cf-request-id: 05683a5c5a00001f35c9294200000001

GET
DATA 200
OK truncated
/ 1 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f49578079ce90bfc63c1d271af36739f07745ff0b709361ad2c1e43e53a39b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
3 KB 11ms
11ms Script
application/javascript 2606:4700::6811:4e6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4e6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 792613
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2905
cf-request-id: 05683a5dcd0000d6e506339200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d86f9a94d35d6e5-FRA
expires: Wed, 15 Sep 2021 18:58:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 1471
date: Fri, 25 Sep 2020 18:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 25 Sep 2020 20:33:41 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 51ms
38ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8cdcd0806f2adf0227849068c25e749883e54e53a1c8fd2c1c13be7737027b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:12 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36541
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Sep 2020 18:58:12 GMT

POST
H2 200 get-paste Show response
paste.co.id/ 1 KB
1 KB 2819ms
2819ms XHR
application/json 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/get-paste
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.22, PleskLin
Resource Hash: 31bb7aa213ee94bce1234e2b26f6252fa6e42bc080c168fa518ac55894087ee2

Request headers

Accept: */*
Referer: https://paste.co.id/F3noLNPmdb
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 25 Sep 2020 18:58:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-powered-by: PHP/7.3.22, PleskLin
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a5df500001f35c92d2200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 58
content-type: application/json
cache-control: private, must-revalidate
x-ratelimit-limit: 60
cf-ray: 5d86f9a989dc1f35-FRA
expires: -1

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 39ms
19ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 18:16:24 GMT
server: ESF
date: Fri, 25 Sep 2020 18:58:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Sep 2020 18:58:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 35ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 17:52:54 GMT
server: ESF
date: Fri, 25 Sep 2020 18:58:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Sep 2020 18:58:12 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 30ms
29ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 4835
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 05683a5e5e0000738395a07200000001
cf-ray: 5d86f9aa3a867383-CPH

GET
DATA 200
OK truncated
/ 575 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 400cf46f4296c8d1aae202531b893401d905ddd7f9aaaf7aaf52261f0621b24b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK zone Show response
seeptoag.net/ 695 B
1 KB 43ms
43ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

f703fbb43cf2d58d1d878a7b311af11c5f938a65a3fa36d6f0bb4e2ac6bbbc12

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: f3dc7c84653a306c8c6bed32b0710164
Date: Fri, 25 Sep 2020 18:58:12 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 695

GET
H/1.1 200
OK universal.min.js Show response
seeptoag.net/pfe/current/ 195 KB
58 KB 151ms
68ms Fetch
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/universal.min.js?v=3.1.266
Requested by: Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 50e0260e0a464b99aab0bfb3e328d92257e882100e57ec29590e84253897f4e5

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Sep 2020 18:58:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Sep 2020 10:41:35 GMT
Server: nginx
ETag: W/"5f633d5f-30b68"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 31ms
12ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 09:06:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 381117
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 21 Sep 2021 09:06:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 09:06:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 381115
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 21 Sep 2021 09:06:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 09:06:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 381113
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 21 Sep 2021 09:06:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 7 KB
7 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 09:06:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 381118
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6720
x-xss-protection: 0
expires: Tue, 21 Sep 2021 09:06:14 GMT

GET
DATA 200
OK truncated
/ 418 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f96c53b9b03f4b4ab67841c2ffd39ec588c945206edb5d8f6e7725859e29f69d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:23:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 261294
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 22 Sep 2021 18:23:18 GMT

GET
H2 200 1 Show response
servicer.mgid.com/997457/ 2 KB
1 KB 56ms
54ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997457/1?w=255&h=714&p3_w=252&p3_h=210&cols=1&pv=5&cbuster=1601060292479632431564&uniqId=06161&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&pageView=1&pvid=174c6a1477f9e35a049&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997457.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3abe2568784c5bcff22fd1a13f48926b982735503853da160d70350a6ba2046

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9ac1cd47383-CPH
content-type: application/x-javascript; charset=utf-8
cf-request-id: 05683a5f8b0000738395a13200000001

GET
H2 200 1 Show response
servicer.mgid.com/914924/ 3 KB
1 KB 60ms
60ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/914924/1?w=844&h=242&cols=2&pv=5&cbuster=1601060292520981370909&uniqId=0101d&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&pageView=0&pvid=174c6a147a890a23426&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49464dc838405f086fd1848a0ff1503b24d59b03149e12bd9f11fa156ae9f2df

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9ac5d1c7383-CPH
content-type: application/x-javascript; charset=utf-8
cf-request-id: 05683a5fb40000738395a15200000001

GET
H2 200 Baai Show response
ad.doubleclick.net/ddm/adj/Bjvbku/ 11 B
653 B 157ms
61ms Script
text/javascript 216.58.205.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Bjvbku/Baai

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s24-in-f230.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
servicer.mgid.com/997454/ 4 KB
1 KB 53ms
53ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997454/1?w=840&h=513&p3_w=271&p3_h=217&cols=3&pv=5&cbuster=1601060292572111454085&uniqId=17f8e&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&pageView=0&pvid=174c6a147ddb4a7e8e2&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997454.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3597c3ce6025373cb841863a330d33fd48dd32855e6eace9e3fed71fb5206d

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9acad677383-CPH
content-type: application/x-javascript; charset=utf-8
cf-request-id: 05683a5fe80000738395a17200000001

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1355587482&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&ul=en-us&de=UTF-8&dt=Untitled%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1297328939&gjid=326492958&cid=429436922.1601060293&tid=UA-137362802-1&_gid=69009142.1601060293&_r=1&gtm=2ou9g1&z=2005834421

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1355587482&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&ul=en-us&de=UTF-8&dt=Untitled%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=1883361478&gjid=1601247917&cid=429436922.1601060293&tid=UA-174907544-1&_gid=69009142.1601060293&_r=1&gtm=2ou9g1&z=1620250862

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
769 B 170ms
42ms XHR
application/json 139.45.196.25
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.25 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

25212be17b7f877ba6223b1d117b80b6ffb88965a991a9f190dd536216ab645a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 18:58:12 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 53ms
52ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=233&p3_w=201&p3_h=189&cols=4&pv=5&cbuster=1601060292604892097184&uniqId=16369&niet=4g&nisd=false&ref=&lu=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&pageView=0&pvid=174c6a147fcb0248558&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1016019df2da17f7de94d379a3d67c449981b26875f177fa7c467ba50e33f8b7

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9acddb57383-CPH
content-type: application/x-javascript; charset=utf-8
cf-request-id: 05683a60070000738395a18200000001

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 1278 0
0 27ms
8ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/F3noLNPmdb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/F3noLNPmdb

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Mon, 21 Sep 2020 05:55:50 GMT
expires: Tue, 21 Sep 2021 05:55:50 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 392542
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
451 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-137362802-1&cid=429436922.1601060293&jid=1297328939&gjid=326492958&_gid=69009142.1601060293&_u=IEBAAUAAAAAAAC~&z=1790033256

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Sep 2020 18:58:12 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 Rz2da77UT0usLVxL Show response
analytics.rhzahra.com/pixel-track/ 0
100 B 274ms
274ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Requested by: Host: analytics.rhzahra.com
URL: https://analytics.rhzahra.com/pixel/Rz2da77UT0usLVxL
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.21
status: 200
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 Rz2da77UT0usLVxL
analytics.rhzahra.com/pixel-track/ Frame 0
0 424ms
218ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

status: 200
x-powered-by: PHP/7.3.21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 25 Sep 2020 18:58:12 GMT
server: LiteSpeed

OPTIONS
H3-Q050 200 Rz2da77UT0usLVxL
analytics.rhzahra.com/pixel-track/ Frame 0
0 225ms
225ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

status: 200
x-powered-by: PHP/7.3.21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 25 Sep 2020 18:58:13 GMT
server: LiteSpeed

POST
H3-Q050 200 Rz2da77UT0usLVxL Show response
analytics.rhzahra.com/pixel-track/ 0
77 B 244ms
244ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Requested by: Host: analytics.rhzahra.com
URL: https://analytics.rhzahra.com/pixel/Rz2da77UT0usLVxL
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.21
status: 200
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
513 B 49ms
28ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-137362802-1&cid=429436922.1601060293&jid=1297328939&_u=IEBAAUAAAAAAAC~&z=2043442431

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
513 B 48ms
29ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-137362802-1&cid=429436922.1601060293&jid=1297328939&_u=IEBAAUAAAAAAAC~&z=2043442431

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK 3509488
inpagepush.com/500/ Frame 0
0 179ms
54ms Other 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=&oaid=0c8774c0a333458c83cb67c9b776bb87&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 25 Sep 2020 18:58:13 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H/1.1 200
OK 3509488 Show response
inpagepush.com/500/ 2 KB
2 KB 259ms
257ms XHR
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

4a8a80d8dd6b2cb845389883bf9b9be528a6aa9733999d45dd1a978cfac0376a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 25 Sep 2020 18:58:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: b749b1727b2134b81abde20736ce484e
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
841 B 87ms
79ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?cbuster=1601060293390287408768
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997457.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 831faae484fdc81b4de559bbf4a7809e9fdade0bc4d075e4e7e0bae29a733cc7

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8eded378-7705-4b09-9b00-9ce143dd6f8e
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a631f0000738395a32200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9b1cd0f7383-CPH

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame C197 19 B
311 B 59ms
56ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1601060293395104069863
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997457.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 45d995c0-95fd-452a-aa60-9a084ccbb9af
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a631f0000738395a31200000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9b1cd0d7383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc*.webp
s-img.mgid.com/g/5523139/492x277/135x0x1062x708/ 16 KB
16 KB 27ms
25ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5523139/492x277/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e8212a25771bd0ebdaa265a7123eff8401736604b7709c06ec6817ae89d3e5f

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
age: 4353640
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16330
cf-request-id: 05683a632e0000738395a35200000001
last-modified: Tue, 07 Jul 2020 15:11:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b1ed207383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY*.webp
s-img.mgid.com/g/3805572/492x277/0x0x492x328/ 19 KB
19 KB 27ms
25ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805572/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 288f82e435d70c52e0524d62c668ce42a70909089ca12049f6b5f392db598316

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 60f0e518-4339-48ab-a6d3-762376d673ac
age: 4347692
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19098
cf-request-id: 05683a632e0000738395a34200000001
last-modified: Tue, 14 Jul 2020 20:49:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b1ed1f7383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QyNTMxNzcxZmI3YTU5MmRkNWViYjNjYzU5NDQyM2ExLmpwZWc*.webp
s-img.mgid.com/g/4060561/492x277/38x0x940x626/ 32 KB
32 KB 25ms
23ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4060561/492x277/38x0x940x626/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QyNTMxNzcxZmI3YTU5MmRkNWViYjNjYzU5NDQyM2ExLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce1a579cd14c5acee4d9dda29a63308be675228a1911cd3c27961cf9d9056104

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: ddd6ca7f-50dd-4ba4-acdd-3d5bf164231d
age: 1902242
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32638
cf-request-id: 05683a632d0000738395a33200000001
last-modified: Tue, 28 Jul 2020 03:00:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b1ed1e7383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc*.webp
s-img.mgid.com/g/6288128/370x200/0x155x900x600/ 5 KB
5 KB 27ms
24ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/370x200/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d373025d5e963bd365c0c4de97143053c8ab795e5b2f9995cd1405f42694f26

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 90064e81-c75f-4341-a5c4-60e651145093
age: 6744268
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4752
cf-request-id: 05683a63490000738395a36200000001
last-modified: Thu, 09 Jul 2020 16:56:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b20d687383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY*.webp
s-img.mgid.com/g/3805572/370x200/0x0x492x328/ 11 KB
11 KB 28ms
24ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805572/370x200/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDMtMjEvMTAxOTI0LzlkOGQ4MjVjNTkxZGVkN2NmN2NhZjY3MDMwZWQyOGE3LmpwZz90PTE0OTAxMjQ3NDc5NDY*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d06e2a86d4f58a769ed972042968870d44ecee028390f8a0571c4b17cc37168

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
age: 4627278
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11442
cf-request-id: 05683a63490000738395a37200000001
last-modified: Tue, 19 May 2020 09:45:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b20d6b7383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTEwLzE3NTY4NS9lZTVmNGYyYjMzYzk5ZmJhOWU1N2M4YWJjNTU5ODg3Yy5qcGc*.webp
s-img.mgid.com/g/4409132/370x200/26x0x600x400/ 4 KB
4 KB 28ms
25ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4409132/370x200/26x0x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTEwLzE3NTY4NS9lZTVmNGYyYjMzYzk5ZmJhOWU1N2M4YWJjNTU5ODg3Yy5qcGc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce56fba9ed966579a4cf13d1554d50f771e2fd6f533bc15b2c026b7348dae33

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
age: 8889622
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3980
cf-request-id: 05683a63490000738395a38200000001
last-modified: Tue, 29 Oct 2019 19:41:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b20d6d7383-CPH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2JmNGFiNWZhMThjM2Y5ODY5ZWVlYjNhZDUyNGJlZTBhLmpwZWc*.webp
s-img.mgid.com/g/3959825/370x200/2x0x599x399/ 9 KB
9 KB 27ms
25ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3959825/370x200/2x0x599x399/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2JmNGFiNWZhMThjM2Y5ODY5ZWVlYjNhZDUyNGJlZTBhLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 233aee6e2b932b7e2a739a602bac3171ede85ed399e1dd87f18dbbbd97d8b124

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
age: 7054446
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8704
cf-request-id: 05683a63490000738395a39200000001
last-modified: Thu, 06 Feb 2020 00:39:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b20d717383-CPH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc*.webp
s-img.mgid.com/g/5097644/492x277/98x0x926x617/ 28 KB
28 KB 26ms
22ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097644/492x277/98x0x926x617/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U1M2U3NTNhYzIwNzIwNTQyNDE1NmZmODMzYmM4ODcwLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33586aca39bc21fa9ecfc3d422c8896796493e9d3194a0b44acac66135ef30fb

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
age: 5171234
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28440
cf-request-id: 05683a63790000738395a3c200000001
last-modified: Tue, 07 Jul 2020 14:45:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b25dfa7383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzQ5ODZhMWFmYzk1YmIzMzQ2NTRlNGM3MGVhZmVmM2VjLmpwZWc*.webp
s-img.mgid.com/g/4023132/492x277/0x0x1025x683/ 26 KB
26 KB 27ms
24ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4023132/492x277/0x0x1025x683/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzQ5ODZhMWFmYzk1YmIzMzQ2NTRlNGM3MGVhZmVmM2VjLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfb78c55b36f24b9a220a7c99df932867bdb3faf91bc2808da3338ee1062379c

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
age: 4407390
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26862
cf-request-id: 05683a63790000738395a3d200000001
last-modified: Tue, 07 Jul 2020 14:47:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b25dfb7383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDcvMTAxOTI0L2NmYjM5MGE0NGZmZjhiOTczMTI0N2FjYTgyOTlkYTRkLmpwZz90PTE0OTE1ODc3OTE5NDE*.webp
s-img.mgid.com/g/3805463/492x277/0x0x492x328/ 6 KB
6 KB 29ms
26ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805463/492x277/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMDcvMTAxOTI0L2NmYjM5MGE0NGZmZjhiOTczMTI0N2FjYTgyOTlkYTRkLmpwZz90PTE0OTE1ODc3OTE5NDE*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e40471cdf8345289381b9436371a58cb241750aa4d6c11eb1f7cab590d3e7cd

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 32f39da8-318a-4829-9d6c-66029f8eb7a2
age: 2123380
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6400
cf-request-id: 05683a63790000738395a3e200000001
last-modified: Tue, 28 Jul 2020 01:48:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b25dfc7383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc*.webp
s-img.mgid.com/g/3859212/492x277/0x0x1001x667/ 30 KB
31 KB 27ms
25ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3859212/492x277/0x0x1001x667/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2YxMzYwMmJkNzdjYzk1ZTlkMDM0Mjg0ZGUzMGM2NGI3LmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d9872802fb3827c82e49a61b9059876ff1ae2d55dbde99dfbfd738798e35a56

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
age: 4074945
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31216
cf-request-id: 05683a637a0000738395a3f200000001
last-modified: Tue, 07 Jul 2020 14:12:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b25dfe7383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc*.webp
s-img.mgid.com/g/6288128/492x277/0x155x900x600/ 7 KB
7 KB 28ms
25ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/492x277/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d74b929ab65261edb824b614feac90c2c59aed350b471c3461b3b31438c6c2e5

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: 5351d694-97dc-4952-b8ba-a211a7ac073f
age: 4463892
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6880
cf-request-id: 05683a637a0000738395a40200000001
last-modified: Thu, 09 Jul 2020 17:09:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b25dff7383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzY2NmYxMDI0MTE0MjBiMWM0NWIxZWY3ZGRlNTRmMzVmLmpwZWc*.webp
s-img.mgid.com/g/4060552/492x277/0x0x571x380/ 10 KB
10 KB 28ms
26ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4060552/492x277/0x0x571x380/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzY2NmYxMDI0MTE0MjBiMWM0NWIxZWY3ZGRlNTRmMzVmLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575504be3cb52317e5c9a89c9d34d493aa6a3de88ce1d3d1514b1758a184bbac

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
x-mg-request-uuid: c524a00d-3dbf-47ea-9964-9bd979bdaa5a
age: 4301562
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10322
cf-request-id: 05683a637a0000738395a41200000001
last-modified: Tue, 07 Jul 2020 15:18:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b25e017383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzJlODA0MzdhMTA4ZjUzMTgzMmJmNDc4NTJlYjk1MjQ3LmpwZWc*.webp
s-img.mgid.com/g/5097654/492x328/87x0x866x577/ 13 KB
13 KB 50ms
50ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5097654/492x328/87x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0LzJlODA0MzdhMTA4ZjUzMTgzMmJmNDc4NTJlYjk1MjQ3LmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a99a8d3f69c5bf2b9a273bd58032e9ecfb87c0ee809c536d34026ae672c62c53

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
age: 19631444
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13160
cf-request-id: 05683a63900000738395a45200000001
last-modified: Tue, 11 Feb 2020 13:32:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b28e367383-CPH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2YxNjUyMzE5YWM2YTE2YTliYTUxZWFjMzEzMWU4NmUyLmpwZw**.webp
s-img.mgid.com/g/5523127/492x328/0x0x492x328/ 7 KB
7 KB 25ms
25ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5523127/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0L2YxNjUyMzE5YWM2YTE2YTliYTUxZWFjMzEzMWU4NmUyLmpwZw**.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0a686b1919006017fce58352875bf6b12dcc8520975f342a4245834c91a117c

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
age: 7055766
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7502
cf-request-id: 05683a638f0000738395a43200000001
last-modified: Tue, 07 Apr 2020 15:43:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b27e317383-CPH
cf-bgj: h2pri

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzFiNjBjMzU0ODU1YmZiODRmMTQ1MThiMjMwYzQ3ZTQwLmpwZWc*.webp
s-img.mgid.com/g/4003649/492x328/77x0x866x577/ 11 KB
11 KB 24ms
24ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4003649/492x328/77x0x866x577/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzFiNjBjMzU0ODU1YmZiODRmMTQ1MThiMjMwYzQ3ZTQwLmpwZWc*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19219054e77930eeee4131b7511eb37603baefffba9fd6bbca4dccdb398bd42b

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
age: 4077473
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10898
cf-request-id: 05683a638f0000738395a44200000001
last-modified: Tue, 19 May 2020 07:02:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b27e337383-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTAvMTAxOTI0L2ZmMDczNjRiNzU1MjEzYWEzNmIwOGM5Nzk1NjBmMWQ5LmpwZz90PTE0OTQ0NDY1MDk4MTY*.webp
s-img.mgid.com/g/3805532/492x328/0x0x492x328/ 8 KB
8 KB 25ms
24ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805532/492x328/0x0x492x328/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDUtMTAvMTAxOTI0L2ZmMDczNjRiNzU1MjEzYWEzNmIwOGM5Nzk1NjBmMWQ5LmpwZz90PTE0OTQ0NDY1MDk4MTY*.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e15216092d4eea89569605ce7fe81040ec84a0f6d8943c66273ee11386814913

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: HIT
age: 3818785
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8168
cf-request-id: 05683a638f0000738395a42200000001
last-modified: Wed, 30 Oct 2019 06:57:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b27e307383-CPH
cf-bgj: h2pri

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 900C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

99ms
32ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?cbuster=1601060293390287408768
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/F3noLNPmdb
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/F3noLNPmdb

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 19 Aug 2020 18:23:01 GMT
Content-Encoding: gzip
Content-Length: 9456
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=14206
Expires: Fri, 25 Sep 2020 22:54:59 GMT
Date: Fri, 25 Sep 2020 18:58:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Fri, 25 Sep 2020 18:58:13 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55859/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=k8pc0zpf2DWb
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=k8pc0zpf2DWb
https://pixel.advertising.com/ups/55859/sync?uid=4ba11a45-e1f5-4330-a16d-5edc476a4b21&_origin=1&gdpr=&gdpr_consent=
https://pixel.advertising.com/ups/55859/sync?uid=4ba11a45-e1f5-4330-a16d-5edc476a4b21&_origin=1&gdpr=&gdpr_consent=&verify=true
https://ups.analytics.yahoo.com/ups/55859/sync?uid=4ba11a45-e1f5-4330-a16d-5edc476a4b21&_origin=1&gdpr=&gdpr_consent=&apid=UP104a8059-ff61-11ea-9033-062f8d100868
https://ups.analytics.yahoo.com/ups/55859/sync?uid=4ba11a45-e1f5-4330-a16d-5edc476a4b21&_origin=1&gdpr=&gdpr_consent=&apid=UP104a8059-ff61-11ea-9033-062f8d100868&verify=true

0
963 B

34ms
34ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=4ba11a45-e1f5-4330-a16d-5edc476a4b21&_origin=1&gdpr=&gdpr_consent=&apid=UP104a8059-ff61-11ea-9033-062f8d100868&verify=true

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.113 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 18:58:14 GMT
Server: ATS/7.1.2.113
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Fri, 25 Sep 2020 18:58:13 GMT
Server: ATS/7.1.2.113
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55859/sync?uid=4ba11a45-e1f5-4330-a16d-5edc476a4b21&_origin=1&gdpr=&gdpr_consent=&apid=UP104a8059-ff61-11ea-9033-062f8d100868&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
328 B 156ms
44ms Image
image/gif 23.105.245.4
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=k8pc0zpf2DWb
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.4 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=4ba11a45-e1f5-4330-a16d-5edc476a4b21
https://x.bidswitch.net/sync?dsp_id=340&user_id=f3296a3a-4176-42e3-bfa4-0e10f8e62a2d&expires=10&ssp=mgid&bsw_param=4ba11a45-e1f5-4330-a16d-5edc476a4b21
https://cm.mgid.com/m?cdsp=433145&c=4ba11a45-e1f5-4330-a16d-5edc476a4b21&gdpr=&gdpr_consent=&us_privacy=

43 B
308 B

55ms
54ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=4ba11a45-e1f5-4330-a16d-5edc476a4b21&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:14 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: cb0d07b7-34db-43bf-bf62-3b0cb176f744
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9b5dc7e7383-CPH
content-type: image/gif
cf-request-id: 05683a65a20000738395a77200000001
server: cloudflare

Redirect headers

status: 302
date: Fri, 25 Sep 2020 18:58:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=4ba11a45-e1f5-4330-a16d-5edc476a4b21&gdpr=&gdpr_consent=&us_privacy=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=b3ce39e8-2a5a-428e-989d-a9a37a797e51&ttl=1603652293

43 B
291 B

82ms
81ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=b3ce39e8-2a5a-428e-989d-a9a37a797e51&ttl=1603652293
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 162ff77f-2f26-443a-bc03-369a397efcc6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9b428ff7383-CPH
content-type: image/gif
cf-request-id: 05683a64990000738395a6a200000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=b3ce39e8-2a5a-428e-989d-a9a37a797e51&ttl=1603652293
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
556 B 154ms
48ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=k8pc0zpf2DWb
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9b38cde10ef-CPH
content-type: image/gif
cf-request-id: 05683a6432000010ef1dbab200000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=zuu0WI7WoOs5JRaytSJn&pi=mgid&tc=1

43 B
298 B

85ms
83ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=zuu0WI7WoOs5JRaytSJn&pi=mgid&tc=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: f549e8ac-2689-456e-8d4b-f6fd604553a0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9b418e07383-CPH
content-type: image/gif
cf-request-id: 05683a648b0000738395a68200000001
server: cloudflare

Redirect headers

status: 302
pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT, Fri, 25 Sep 2020 18:58:13 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=zuu0WI7WoOs5JRaytSJn&pi=mgid&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=azhwYzB6cGYyRFdi&muidn=k8pc0zpf2DWb
https://cm.mgid.com/google?muidn=k8pc0zpf2DWb&google_ula={guid},5&google_gid=CAESEPlLLXZdH9ZyJOKltOZjg_U&google_cver=1

0
391 B

76ms
51ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=k8pc0zpf2DWb&google_ula={guid},5&google_gid=CAESEPlLLXZdH9ZyJOKltOZjg_U&google_cver=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9b418db7383-CPH
content-type: text/plain
cf-request-id: 05683a648b0000738395a67200000001

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:13 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=k8pc0zpf2DWb&google_ula={guid},5&google_gid=CAESEPlLLXZdH9ZyJOKltOZjg_U&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 42ms
42ms Other
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 25 Sep 2020 18:58:13 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 49ms
42ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 3b1b461f39f9551dfb3ad3bde58d4477
Date: Fri, 25 Sep 2020 18:58:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
769 B 175ms
54ms Fetch
application/json 139.45.196.25
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=584bf74f0eef41408c329cbd2c94b1ce&zoneId=3534037&checkDuplicate=true&ymid=&var=

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.25 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

5e28857b7a245b1c60fc9537b0c09f9d67610cb722ee8542ba4830e95dd30bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 18:58:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H/1.1 200
OK defaultSkin.min.js Show response
seeptoag.net/pfe/current/ 56 KB
19 KB 46ms
46ms Fetch
application/javascript 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Sep 2020 18:58:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Sep 2020 10:41:35 GMT
Server: nginx
ETag: W/"5f633d5f-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame BB8D 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 41ms
41ms Other
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 25 Sep 2020 18:58:13 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 42ms
42ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: efaab4fbc101ada9b42c0c9b4de12416
Date: Fri, 25 Sep 2020 18:58:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc%2A.webp
s-img.mgid.com/g/3885456/328x328/0x0x908x605/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|vQ80wMyiqg4rRuNYXDav6i5lOvW0O2AKwiRTcQAj4CaPQp7RKGXfljy0MSaTam70&cid=218581&f=1&h2=Rc8X-LhO-VoTw7Wdsqs1hJjTTID0YbOXxhOebYXuIZk*&rid=z3509488zb5295256bcDKcp2ph20200...
https://s-img.mgid.com/g/3885456/328x328/0x0x908x605/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc%2A.webp

8 KB
9 KB

26ms
25ms

Image
image/webp

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3885456/328x328/0x0x908x605/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc%2A.webp
Requested by: Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a22d3e47bde4fee7d3a966360643f05948d7d926c2c19351364411b069bbd51

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:14 GMT
cf-cache-status: HIT
x-mg-request-uuid: 10f523a3-d11e-4e58-b953-f9801779409e
age: 978115
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8352
cf-request-id: 05683a65980000738395a76200000001
last-modified: Wed, 09 Sep 2020 05:11:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9b5cc707383-CPH

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:14 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: bd9af87f-608d-4342-be3a-eadc93fbcb97
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/3885456/328x328/0x0x908x605/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9b4ca0c7383-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a65000000738395a6e200000001
server: cloudflare

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 41ms
41ms Other
text/plain 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 25 Sep 2020 18:58:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 128 KB
45 KB 41ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c2ae32ebcd7d313aca6ccc13ae85f9573971945f634d64cbd79e81a9843b0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45178
x-xss-protection: 0
server: cafe
etag: 14035342786228302409
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Sep 2020 18:58:14 GMT

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 42ms
42ms Fetch
application/json 139.45.196.209
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/F3noLNPmdb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.209 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: b016e8b2755424f6a790e1f66f85da62
Date: Fri, 25 Sep 2020 18:58:14 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H2 200 v2qgqEkfw8HmjWwW6DNsZfZlpk_QpfuGaeCkv40sGu-iNetBwdc4pV1j084Q7B8Y4zxKT0YY Show response
lovelydrum.com/ 216 B
608 B 142ms
58ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lovelydrum.com/v2qgqEkfw8HmjWwW6DNsZfZlpk_QpfuGaeCkv40sGu-iNetBwdc4pV1j084Q7B8Y4zxKT0YY

Requested by

Host: lovelydrum.com
URL: https://lovelydrum.com/99ddcc8c23290c42513e885d1046f50ea6aff02470b00454d1950da36acbeb68864b13c1be94d760aca214bb5f8ea26aa7379e6a21547723e4ee7e557add

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

d59bf129cc345ea8169bbf0a98fb3b6c7a6fac7eab82869ec2c642ab5ae02566

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Fri, 25 Sep 2020 18:58:14 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: urban
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Fri, 25 Sep 2020 18:58:13 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200923/r20190131/ 229 KB
86 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200923/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54b6cf10b667bc74240725a385f0c33b9349f2d33dd14c9e89315fca83337b4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87838
x-xss-protection: 0
server: cafe
etag: 497831285299538397
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Sep 2020 18:58:14 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200923/r20190131/ Frame FF74 0
0 26ms
6ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200923/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200923/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/F3noLNPmdb
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkikLZrNtpJ4A078kbJSe0V-sPyuXthI6tIAtSO_-Tsz2EqL7sdhuGgY0xc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/F3noLNPmdb

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 24 Sep 2020 21:37:36 GMT
expires: Thu, 08 Oct 2020 21:37:36 GMT
content-type: text/html; charset=UTF-8
etag: 17942277541989656716
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4728
x-xss-protection: 0
age: 76838
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 37ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200923/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Sep 2020 18:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 34ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200923/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Sep 2020 18:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 914B 0
0 75ms
74ms Document
text/html 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1601060294&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&tp=site_kit&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&ea=0&flash=0&pra=5&wgl=1&dt=1601060294159&bpp=14&bdt=2674&idt=114&shv=r20200923&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4266856166520&frm=20&pv=2&ga_vid=429436922.1601060293&ga_sid=1601060294&ga_hid=1355587482&ga_fc=0&iag=0&icsg=3377710458195906&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067105&oid=3&pvsid=204092714234588&pem=793&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=131

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200923/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1601060294&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&tp=site_kit&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&ea=0&flash=0&pra=5&wgl=1&dt=1601060294159&bpp=14&bdt=2674&idt=114&shv=r20200923&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4266856166520&frm=20&pv=2&ga_vid=429436922.1601060293&ga_sid=1601060294&ga_hid=1355587482&ga_fc=0&iag=0&icsg=3377710458195906&dssz=44&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067105&oid=3&pvsid=204092714234588&pem=793&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=131
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/F3noLNPmdb
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkikLZrNtpJ4A078kbJSe0V-sPyuXthI6tIAtSO_-Tsz2EqL7sdhuGgY0xc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/F3noLNPmdb

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 25 Sep 2020 18:58:14 GMT
server: cafe
content-length: 540
x-xss-protection: 0
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 47ms
34ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200923&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200923/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e05ceca5c3e53e5e5fab7884522ddb799226656aaa72e8621ccc0f359ab72ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Sep 2020 18:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6770
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200923/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b142f2fc1b181088ebc5bd873a725bba5e4ea24b20874e7880b163f778765e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600860702447659"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27610
x-xss-protection: 0
expires: Fri, 25 Sep 2020 18:58:14 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200923/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Fri, 25 Sep 2020 18:58:14 GMT

OPTIONS
H3-Q050 200 Rz2da77UT0usLVxL
analytics.rhzahra.com/pixel-track/ Frame 0
0 215ms
215ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

status: 200
x-powered-by: PHP/7.3.21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 25 Sep 2020 18:58:14 GMT
server: LiteSpeed

POST
H3-Q050 200 Rz2da77UT0usLVxL Show response
analytics.rhzahra.com/pixel-track/ 0
101 B 1176ms
280ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Requested by: Host: analytics.rhzahra.com
URL: https://analytics.rhzahra.com/pixel/Rz2da77UT0usLVxL
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:15 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.21
status: 200
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame 743C 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/F3noLNPmdb
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paste.co.id/F3noLNPmdb

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Fri, 25 Sep 2020 17:59:10 GMT
expires: Sat, 25 Sep 2021 17:59:10 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3544
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 39ms
39ms Image
image/gif 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gda_r20200923&jk=204092714234588&bg=!ZGelZ39YJJj7NYcAKS0CAAAAVVIAAAANCgB_SwSQgkEWr8IiBVTdKty5qEky8mRgwIs4Vbeip-ckfDb68GobJsENVjdpZMjYys40e5JzG4ON7BOow01rHLb2xWXfGxK8KccnHuYsUWihLhg8fEQtEY5ULRnAyJrTFaIOp61TdnMLHuIiHBkh0nlqO6YS2Rt9RKrxmrPabtIHE5kByc7N00AaQupklzxY1vC_1PRSaQM4kXPtLledDPnKUniC7KNsnNLcEzgsyiSzpt6A44Y0bhw7nb5_DZmAFK3ERLPJgWdF159-nF2sqYghv13lpPWAgcVwcoIdoVM60H6zLEyaM0Doro4PE3BNy0115i16B9JEpewai4MiBDP4j6NCo9FFsjCEwrDvLl2JGNjaNBWu4MR4m76yjHTtQHMHcBYkuqfa7w9a0O1FfiPe9zthuxuwg0FBXboNfwHR0nYSUlN_N4I2R93zBsaiXSUiUrrnwDoR8gMBWQmJ06X98I316PXoHoxdZahcr-erdF1yzsEA1mGSOs3h8byv7K-dZjr7nEJ0mJclHKw0iZPK8iGiuSXbeBJ_aWtBLeqGRwkzo2HNwhBonsg6-ETfdd3NtdrpPhb3KwQxi071NCpfwH__C0H8nCPGjJDMrrbs2wQgvlW9ArntCD0oeYrjNuSdToRsjnZdOw_tJYL9NXTP41J4KTmoCmWkd1fhEjFqCUsRkwM2jFcA3J_zQJcviv0gkG65MhUNZuCp7anaa8IgUrzQjSHD4zlQs9UhUd898TbdKsqxPfE94YcH1yuZ4zZa6M7NhHKf-QQNoes

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 c
c.mgid.com/ 43 B
156 B 156ms
155ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=202|134|8|6lwBp5nk1fkvx9hoT6CIpdRsnGcRImhvAopri2DnTobkCksNapOlnVUwoAMG8ymK&fw=1&extjs=66046&v=202|134|8|6lwBp5nk1fkvx9hoT6CIpWcwJiBQLEsgmplmOR-32w4HVVQOxEbvb6wLLSDNhrwd&v=202|134|8|6lwBp5nk1fkvx9hoT6CIpeKP0iK0gWUEspqSOMXzkjaZLz6GWDR3Xel-hYePd80a&v=202|134|40|6lwBp5nk1fkvx9hoT6CIpZEmpB303RJ0p8Zuo7LBwuyePfyB9UFhuy6d5hW9YHyC&imgdim=1&cid=997452&h2=Rc8X-LhO-VoTw7Wdsqs1hJjTTID0YbOXxhOebYXuIZk*&rid=0f916b72-ff61-11ea-8173-d094662c24f7&tt=Direct&pageImp=1&muid=k8pc0zpf2DWb&cbuster=1601060294612545576503&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:14 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: a5f70e84-a5b7-4c2b-b199-c17baa466f78
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9b96ad37383-CPH
content-type: image/gif
cf-request-id: 05683a67df0000738395ae5200000001
server: cloudflare

GET
H2 200 c
c.mgid.com/ 43 B
155 B 149ms
149ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=153|83|8|E27ZnC1hCShRmYHccbosFCWRMIyTNNAUKGA9XE6aD5tPt_sk2SgD14Rh1opdluk_&fw=1&extjs=66046&v=153|83|8|E27ZnC1hCShRmYHccbosFNe6ATe2_4FvkjOZV_oOh3v83EocEzlagZarkTlnWrdd&v=153|83|8|E27ZnC1hCShRmYHccbosFJ9f_FiFYXbjQXn--kMuCv0t0wv9olMevNWuimst8WzI&v=153|83|8|E27ZnC1hCShRmYHccbosFLQYWaL4wYR6l6WYzCjOYICm3HrGWg__nOoWQ6RhG0nv&imgdim=1&cid=914924&h2=Rc8X-LhO-VoTw7Wdsqs1hJjTTID0YbOXxhOebYXuIZk*&rid=0f858468-ff61-11ea-862d-d094662f8ab5&tt=Direct&pageImp=0&muid=k8pc0zpf2DWb&cbuster=1601060294614412275142&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:14 GMT
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-mg-request-uuid: 1e7bd5f1-b21e-4dfb-a9fc-0e0ac2191756
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9b96ad77383-CPH
content-type: image/gif
cf-request-id: 05683a67e10000738395ae7200000001
server: cloudflare

OPTIONS
H3-Q050 200 Rz2da77UT0usLVxL
analytics.rhzahra.com/pixel-track/ Frame 0
0 256ms
256ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

status: 200
x-powered-by: PHP/7.3.21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 25 Sep 2020 18:58:15 GMT
server: LiteSpeed

POST
H3-Q050 200 Rz2da77UT0usLVxL Show response
analytics.rhzahra.com/pixel-track/ 0
77 B 247ms
238ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Requested by: Host: analytics.rhzahra.com
URL: https://analytics.rhzahra.com/pixel/Rz2da77UT0usLVxL
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:15 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.21
status: 200
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 9_PKE5fs-R-W_n3ANVTJ0H9Rnv11FWnK8bcfoPVYKhiQP-RdQNCdfw8dUdSu-o1evQY9u_IwansUfk7War7hw1xDzeqO2DDI5GSA4KqkWASDCOg2uGqTdzu82wqHP50JnQF3ieJXsEpI_EVZNVPhShu5JJTa9aR96N7UaBPYZnbu8zi8UidVGEhcBXmcAuZ90IqxJ...
onstunkyr.com/impression/ 43 B
482 B 173ms
45ms Image
image/gif 139.45.196.40
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/9_PKE5fs-R-W_n3ANVTJ0H9Rnv11FWnK8bcfoPVYKhiQP-RdQNCdfw8dUdSu-o1evQY9u_IwansUfk7War7hw1xDzeqO2DDI5GSA4KqkWASDCOg2uGqTdzu82wqHP50JnQF3ieJXsEpI_EVZNVPhShu5JJTa9aR96N7UaBPYZnbu8zi8UidVGEhcBXmcAuZ90IqxJZ2ZBKolQVV9uZdujvKlqjR_CpjhXwBXYEo3NRUxHewe202jA54jUwuh_SfRRfPGrWIFyEDTGm1RL3lerXndPvnmPeu2DAU9cT-WSNfImFg0AH0Iosn0fq7-Clzr?z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.40 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 34b9c37fd4a71f647132642b64300ce0
Pragma: no-cache
Date: Fri, 25 Sep 2020 18:58:22 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc%2A.webp
s-img.mgid.com/g/3885456/328x328/0x0x908x605/ Frame 6910
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|vQ80wMyiqg4rRuNYXDav6i5lOvW0O2AKwiRTcQAj4CaPQp7RKGXfljy0MSaTam70&cid=218581&f=1&h2=Rc8X-LhO-VoTw7Wdsqs1hJjTTID0YbOXxhOebYXuIZk*&rid=z3509488zb5295256bcDKcp2ph20200...
https://s-img.mgid.com/g/3885456/328x328/0x0x908x605/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc%2A.webp

8 KB
8 KB

25ms
25ms

Image
image/webp

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3885456/328x328/0x0x908x605/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a22d3e47bde4fee7d3a966360643f05948d7d926c2c19351364411b069bbd51

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:22 GMT
cf-cache-status: HIT
x-mg-request-uuid: 10f523a3-d11e-4e58-b953-f9801779409e
age: 978123
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8352
cf-request-id: 05683a863d0000738395800200000001
last-modified: Wed, 09 Sep 2020 05:11:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9e9fc187383-CPH

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:22 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 1eb6954e-768e-4cb5-a8f3-ed4890447f2e
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/3885456/328x328/0x0x908x605/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiZWM4YzQ3YjhmMmU1YmZiNzM3M2ViNDhhOGI4OGRjLmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9e97b607383-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a85e60000738395bff200000001
server: cloudflare

POST
H3-Q050 200 Rz2da77UT0usLVxL Show response
analytics.rhzahra.com/pixel-track/ 0
102 B 278ms
278ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Requested by: Host: analytics.rhzahra.com
URL: https://analytics.rhzahra.com/pixel/Rz2da77UT0usLVxL
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:23 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.21
status: 200
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 Rz2da77UT0usLVxL
analytics.rhzahra.com/pixel-track/ Frame 0
0 610ms
212ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Protocol: H2
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

status: 200
x-powered-by: PHP/7.3.21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 25 Sep 2020 18:58:22 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H/1.1 200
OK 3509488 Show response
inpagepush.com/500/ 2 KB
2 KB 326ms
241ms XHR
application/javascript 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=5295256&oaid=0c8774c0a333458c83cb67c9b776bb87&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=https%3A%2F%2Fpaste.co.id%2FF3noLNPmdb&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

d929ab79e7a40c4ef8cd9bfb91c68bcb90a16cc7a139903b4c9477a7796dc74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 25 Sep 2020 18:58:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 6bb6f8d4f61ac2fc473377912c795c0a
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3509488
inpagepush.com/500/ Frame 0
0 124ms
42ms Other 139.45.196.10
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.196.10 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 25 Sep 2020 18:58:22 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU%2A.webp
s-img.steepto.com/g/3805484/328x328/0x164x2046x1364/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|3K0FFsoK_N21OPr99mF92zJu2eyM8k1qYuhpUYDlMr-IjNdGXhJC-Dp0TViV-Ncn&cid=949756&f=1&h2=Rc8X-LhO-VoTw7Wdsqs1hJjTTID0YbOXxhOebYXuIZk*&rid=z3509488zb6445615bcDKcp2ph20200...
https://s-img.steepto.com/g/3805484/328x328/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU%2A.webp

5 KB
6 KB

66ms
24ms

Image
image/webp

104.19.139.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/3805484/328x328/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.139.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebff93aae82af8ec3f7f2623c6afe7944c31910be70cb849c1fcec06f10b27dd

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 18:58:23 GMT
cf-cache-status: HIT
x-mg-request-uuid: c35cb013-7bed-4420-8bb5-0c6ed4d08bfe
age: 373561
status: 200
content-length: 5260
cf-request-id: 05683a88b10000d8a5013ad200000001
last-modified: Fri, 18 Sep 2020 21:22:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5d86f9ededd6d8a5-CPH
expires: Sat, 25 Sep 2021 18:58:23 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:22 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3dd4051e-0862-4fe0-9c8a-812efe4739ae
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.steepto.com/g/3805484/328x328/0x164x2046x1364/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2IxYjZhNjMxNzMyZTMzNzI0ZTEzYjNkNmViNDRhOWMwLmpwZz90PTE0OTc5ODQzOTA3MTU%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d86f9ed48e57383-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05683a88510000738395812200000001
server: cloudflare

POST
H3-Q050 200 Rz2da77UT0usLVxL Show response
analytics.rhzahra.com/pixel-track/ 0
78 B 235ms
234ms XHR
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Requested by: Host: analytics.rhzahra.com
URL: https://analytics.rhzahra.com/pixel/Rz2da77UT0usLVxL
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/F3noLNPmdb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 18:58:23 GMT
server: LiteSpeed
x-powered-by: PHP/7.3.21
status: 200
access-control-allow-methods: POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H3-Q050 200 Rz2da77UT0usLVxL
analytics.rhzahra.com/pixel-track/ Frame 0
0 220ms
219ms Other
text/html 103.16.198.218
IDNIC-JALANET-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL
Protocol: H3-Q050
Server: 103.16.198.218 , Indonesia, ASN131775 (IDNIC-JALANET-AS-ID PT. Jupiter Jala Arta, ID),
Reverse DNS: ip-103.16.198.218.rhzahra.com
Software: LiteSpeed / PHP/7.3.21
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
Sec-Fetch-Mode: cors

Response headers

status: 200
x-powered-by: PHP/7.3.21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type
content-type: text/html; charset=UTF-8
content-length: 0
date: Fri, 25 Sep 2020 18:58:23 GMT
server: LiteSpeed

POST Rz2da77UT0usLVxL
analytics.rhzahra.com/pixel-track/ 0
0

OPTIONS Rz2da77UT0usLVxL
analytics.rhzahra.com/pixel-track/ Frame 0
0

POST Rz2da77UT0usLVxL
analytics.rhzahra.com/pixel-track/ 0
0

OPTIONS Rz2da77UT0usLVxL
analytics.rhzahra.com/pixel-track/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.rhzahra.com
URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL

Domain: analytics.rhzahra.com
URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL

Domain: analytics.rhzahra.com
URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL

Domain: analytics.rhzahra.com
URL: https://analytics.rhzahra.com/pixel-track/Rz2da77UT0usLVxL

Verdicts & Comments Add Verdict or Comment

266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paste.co.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22KYhtMNF5p%22%7D%2C%22C914924%22%3A%7B%22page%22%3A1%2C%22time%22%3A1601060293414%7D%2C%22C997454%22%3A%7B%22page%22%3A1%2C%22time%22%3A1601060293461%7D%2C%22C997452%22%3A%7B%22page%22%3A1%2C%22time%22%3A1601060293487%7D%2C%22C997457%22%3A%7B%22page%22%3A1%2C%22time%22%3A1601060293385%7D%7D
.paste.co.id/	1970-01-19 12:44:20	Name: _gat_gtag_UA_174907544_1 Value: 1
.paste.co.id/	1970-01-19 12:44:20	Name: _gat_gtag_UA_137362802_1 Value: 1
.paste.co.id/	1970-01-19 12:45:46	Name: _gid Value: GA1.3.69009142.1601060293
.paste.co.id/	1970-01-20 06:15:32	Name: _ga Value: GA1.3.429436922.1601060293

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997457.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997454.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://paste.co.id/F3noLNPmdb(Line 485) Message: complete

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
ams.creativecdn.com
analytics.rhzahra.com
berkas.co
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cm.smadex.com
creativecdn.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
inpagepush.com
jsc.mgid.com
lovelydrum.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
my.rtmark.net
onstunkyr.com
pagead2.googlesyndication.com
paste.co.id
pixel.advertising.com
s-img.mgid.com
s-img.steepto.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
stats.g.doubleclick.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.qrcoder.co.uk
x.bidswitch.net
analytics.rhzahra.com
103.16.198.218
104.111.230.142
104.16.221.74
104.19.136.78
104.19.139.80
109.203.125.88
139.45.196.10
139.45.196.209
139.45.196.25
139.45.196.40
172.217.18.162
173.249.18.21
18.156.0.31
18.197.99.6
185.184.8.30
2001:4de0:ac19::1:b:1a
216.58.205.230
23.105.245.4
2606:4700:3034::681f:4ec2
2606:4700::6811:4e6b
2a00:1450:4001:800::2003
2a00:1450:4001:802::200a
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:817::2001
2a00:1450:4001:817::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2008
2a00:1450:4001:820::200e
2a00:1450:400c:c0c::9b
35.157.226.135
35.190.91.111
54.229.128.207
99.86.243.97
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
07476b5c3ce3d3558b34a4b7f07912679b7666fb308aa0d7268245a53797346d
0d06e2a86d4f58a769ed972042968870d44ecee028390f8a0571c4b17cc37168
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1016019df2da17f7de94d379a3d67c449981b26875f177fa7c467ba50e33f8b7
13f49578079ce90bfc63c1d271af36739f07745ff0b709361ad2c1e43e53a39b
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19219054e77930eeee4131b7511eb37603baefffba9fd6bbca4dccdb398bd42b
1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47
233aee6e2b932b7e2a739a602bac3171ede85ed399e1dd87f18dbbbd97d8b124
25212be17b7f877ba6223b1d117b80b6ffb88965a991a9f190dd536216ab645a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
288f82e435d70c52e0524d62c668ce42a70909089ca12049f6b5f392db598316
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d373025d5e963bd365c0c4de97143053c8ab795e5b2f9995cd1405f42694f26
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
31bb7aa213ee94bce1234e2b26f6252fa6e42bc080c168fa518ac55894087ee2
33586aca39bc21fa9ecfc3d422c8896796493e9d3194a0b44acac66135ef30fb
33ffcdb3f85341c72b342998172e37225f57b07d550010e7c6eb71cc911328bc
400cf46f4296c8d1aae202531b893401d905ddd7f9aaaf7aaf52261f0621b24b
44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9
491512bb0496e53007b2c98044d50a78b08391efdfc87a8910de29cc4c0858cb
49464dc838405f086fd1848a0ff1503b24d59b03149e12bd9f11fa156ae9f2df
4a22d3e47bde4fee7d3a966360643f05948d7d926c2c19351364411b069bbd51
4a8a80d8dd6b2cb845389883bf9b9be528a6aa9733999d45dd1a978cfac0376a
4ce56fba9ed966579a4cf13d1554d50f771e2fd6f533bc15b2c026b7348dae33
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f54d42de3def75b2bda96fb39e07b143628a4127a39694935f715bb737665ab
50e0260e0a464b99aab0bfb3e328d92257e882100e57ec29590e84253897f4e5
54b6cf10b667bc74240725a385f0c33b9349f2d33dd14c9e89315fca83337b4e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
56e69505309ad13371b84dc4c0b215e3ec23919f59c5e61b6ed1add33d28a74b
575504be3cb52317e5c9a89c9d34d493aa6a3de88ce1d3d1514b1758a184bbac
59c86e1031ece495bd0819e1d5791c91fa67d5008b18fc92647b87ef1630ca26
5c2ae32ebcd7d313aca6ccc13ae85f9573971945f634d64cbd79e81a9843b0a3
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e28857b7a245b1c60fc9537b0c09f9d67610cb722ee8542ba4830e95dd30bf2
5e40471cdf8345289381b9436371a58cb241750aa4d6c11eb1f7cab590d3e7cd
5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6a8c15698878e43b6389e8d6350a372280ef38ec057d1e2ab5654dcd756d378d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
748851c4d2e38c4f7587afb6b6e54dfc26e7329018d27911115f1840e251d4a8
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e8212a25771bd0ebdaa265a7123eff8401736604b7709c06ec6817ae89d3e5f
7fb176a5a03a77422ae9f0180501ff1def1dbb2d80888d72f86642d9b575437f
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
831faae484fdc81b4de559bbf4a7809e9fdade0bc4d075e4e7e0bae29a733cc7
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8c84459f0c92349eac14ab94fa19f3dace511b376e32e84cf3b41e96a67730ff
8cdcd0806f2adf0227849068c25e749883e54e53a1c8fd2c1c13be7737027b08
8d9872802fb3827c82e49a61b9059876ff1ae2d55dbde99dfbfd738798e35a56
8e05ceca5c3e53e5e5fab7884522ddb799226656aaa72e8621ccc0f359ab72ca
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
a3abe2568784c5bcff22fd1a13f48926b982735503853da160d70350a6ba2046
a99a8d3f69c5bf2b9a273bd58032e9ecfb87c0ee809c536d34026ae672c62c53
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
b31062abec9d4536524232f02801803517829af29b44c85b59696d52bc7107cc
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b76fe130b958529e2caa848e498a3b19f61349813a67d8045a03ed43063dc060
bcd46836035cee8b827d5ba8387c104f0b84945e237a65c3e94d928fa1f6d57e
be3e14591f5ac2a5f6f908ce2b44145f85ad56a5581d6ab933ae96e49405cd15
c0a686b1919006017fce58352875bf6b12dcc8520975f342a4245834c91a117c
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c64875d5e62355564acbbe6ce89234e31456c9800dc02bd41e3903c6b6ba0e4d
ce1a579cd14c5acee4d9dda29a63308be675228a1911cd3c27961cf9d9056104
d3b142f2fc1b181088ebc5bd873a725bba5e4ea24b20874e7880b163f778765e
d4bfcf53349fb8feb7179cdf1d97655a5f5b8cedaf2c7b5fca235c800cb2090d
d59bf129cc345ea8169bbf0a98fb3b6c7a6fac7eab82869ec2c642ab5ae02566
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d74b929ab65261edb824b614feac90c2c59aed350b471c3461b3b31438c6c2e5
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
d929ab79e7a40c4ef8cd9bfb91c68bcb90a16cc7a139903b4c9477a7796dc74a
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb78c55b36f24b9a220a7c99df932867bdb3faf91bc2808da3338ee1062379c
e15216092d4eea89569605ce7fe81040ec84a0f6d8943c66273ee11386814913
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3597c3ce6025373cb841863a330d33fd48dd32855e6eace9e3fed71fb5206d
ebff93aae82af8ec3f7f2623c6afe7944c31910be70cb849c1fcec06f10b27dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f2d2fff7330777865db60662cacd85824bc584202657102ce7f2ee4337f09411
f703fbb43cf2d58d1d878a7b311af11c5f938a65a3fa36d6f0bb4e2ac6bbbc12
f96c53b9b03f4b4ab67841c2ffd39ec588c945206edb5d8f6e7725859e29f69d
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

paste.co.id Open in urlscan Pro 2606:4700:3034::681f:4ec2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

134 Requests

97 %HTTPS

40 %IPv6

31 Domains

44 Subdomains

30 IPs

10 Countries

1692 kBTransfer

4351 kBSize

5 Cookies

39 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
2606:4700:3034::681f:4ec2 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

97 %
HTTPS

40 %
IPv6

31
Domains

44
Subdomains

30
IPs

10
Countries

1692 kB
Transfer

4351 kB
Size

5
Cookies

134 HTTP transactions
5 data transactions