paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paste.co.id/lyEzHIQswT
Submission Tags: falconsandbox
Submission: On April 30 via api (April 30th 2021, 1:34:17 am UTC) from US

Summary HTTP 137 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 40 IPs in 6 countries across 37 domains to perform 137 HTTP transactions. The main IP is 5.189.137.168, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is paste.co.id.
TLS certificate: Issued by R3 on April 21st 2021. Valid for: 3 months.

This is the only time paste.co.id was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	5.189.137.168 5.189.137.168	51167 (CONTABO) (CONTABO)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
10	139.45.196.145 139.45.196.145	9002 (RETN-AS) (RETN-AS)
23	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	109.203.125.88 109.203.125.88	31727 (NODE4-AS) (NODE4-AS)
1	173.249.18.21 173.249.18.21	51167 (CONTABO) (CONTABO)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4b09	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	139.45.196.136 139.45.196.136	9002 (RETN-AS) (RETN-AS)
5	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
3	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1 3	99.84.144.111 99.84.144.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4b21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 1	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	3.124.46.162 3.124.46.162	16509 (AMAZON-02) (AMAZON-02)
2 2	34.239.68.98 34.239.68.98	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:444... 2600:1f18:444a:4680:7493:838e:3006:4686	14618 (AMAZON-AES) (AMAZON-AES)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
6	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	52.18.54.41 52.18.54.41	16509 (AMAZON-02) (AMAZON-02)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	139.45.197.156 139.45.197.156	9002 (RETN-AS) (RETN-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	139.45.197.14 139.45.197.14	9002 (RETN-AS) (RETN-AS)
137	40

16 5.189.137.168 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi465240.contaboserver.net

paste.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.145 (United Kingdom)

ASN9002 (RETN-AS, GB)

seeptoag.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.203.125.88 (United Kingdom)

ASN31727 (NODE4-AS, GB)
PTR: euk-88894.eukservers.com

www.qrcoder.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.249.18.21 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: berkas.co

berkas.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b09 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.136 (United Kingdom)

ASN9002 (RETN-AS, GB)

pseepsie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.144.111 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-111.txl52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b21 (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.143.124 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.124.46.162 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.239.68.98 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:444a:4680:7493:838e:3006:4686 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.54.41 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-54-41.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.156 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.14 (United Kingdom)

ASN9002 (RETN-AS, GB)

dutorterraom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	mgid.com jsc.mgid.com cdn.mgid.com c.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	340 KB
16	paste.co.id paste.co.id	410 KB
10	seeptoag.net seeptoag.net	66 KB
9	google.com adservice.google.com www.google.com	37 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	202 KB
6	inpagepush.com inpagepush.com	63 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	toglooman.com toglooman.com	124 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	7 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	gstatic.com fonts.gstatic.com	60 KB
4	cloudflare.com cdnjs.cloudflare.com	49 KB
3	cdnativepush.com static.cdnativepush.com	20 KB
3	liadm.com 2 redirects i.liadm.com i6.liadm.com	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	rtmark.net my.rtmark.net	2 KB
3	google.de adservice.google.de www.google.de	1 KB
3	onmarshtompor.com onmarshtompor.com	1 KB
3	pseepsie.com pseepsie.com	46 KB
2	wowreality.info o.wowreality.info	398 B
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	creativecdn.com 2 redirects creativecdn.com	687 B
2	googleapis.com fonts.googleapis.com	2 KB
2	googletagmanager.com www.googletagmanager.com	70 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
1	dutorterraom.com dutorterraom.com	326 B
1	lentainform.com cm.lentainform.com	623 B
1	clientgear.com 1 redirects event.clientgear.com	258 B
1	idealmedia.io cm.idealmedia.io	557 B
1	lalaping.com static.lalaping.com	33 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	640 B
1	bedrapiona.com bedrapiona.com	2 KB
1	iclickcdn.com iclickcdn.com	19 KB
1	berkas.co berkas.co	4 KB
1	qrcoder.co.uk www.qrcoder.co.uk
137	37

	Domain	Requested by
16	paste.co.id	paste.co.id cdnjs.cloudflare.com
12	s-img.mgid.com	paste.co.id
10	seeptoag.net	paste.co.id seeptoag.net
7	www.google.com	paste.co.id tpc.googlesyndication.com
6	cm.mgid.com	jsc.mgid.com paste.co.id
6	inpagepush.com	paste.co.id iclickcdn.com inpagepush.com
6	pagead2.googlesyndication.com	paste.co.id pagead2.googlesyndication.com tpc.googlesyndication.com
5	x.bidswitch.net	5 redirects
5	toglooman.com	iclickcdn.com toglooman.com
4	fonts.gstatic.com	fonts.googleapis.com
4	c.mgid.com	jsc.mgid.com paste.co.id
4	cdnjs.cloudflare.com	paste.co.id
3	static.cdnativepush.com	paste.co.id inpagepush.com
3	sb.scorecardresearch.com	1 redirects jsc.mgid.com paste.co.id
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	my.rtmark.net	inpagepush.com onmarshtompor.com paste.co.id
3	servicer.mgid.com	jsc.mgid.com
3	onmarshtompor.com	iclickcdn.com
3	pseepsie.com	iclickcdn.com pseepsie.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	o.wowreality.info	static.lalaping.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	match.adsrvr.org	2 redirects
2	creativecdn.com	2 redirects
2	i.liadm.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com eus.rubiconproject.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdn.mgid.com	paste.co.id
2	fonts.googleapis.com	paste.co.id
2	www.googletagmanager.com	paste.co.id www.googletagmanager.com
2	jsc.mgid.com	paste.co.id
2	maxcdn.bootstrapcdn.com	paste.co.id maxcdn.bootstrapcdn.com
1	dutorterraom.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cm.lentainform.com	paste.co.id
1	event.clientgear.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	cm.idealmedia.io	paste.co.id
1	i6.liadm.com	paste.co.id
1	secure-assets.rubiconproject.com	1 redirects
1	www.google.de	paste.co.id
1	static.lalaping.com	toglooman.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bedrapiona.com	iclickcdn.com
1	iclickcdn.com	paste.co.id
1	berkas.co	paste.co.id
1	www.qrcoder.co.uk	paste.co.id
137	50

This site contains links to these domains. Also see Links.

Domain
widgets.mgid.com
www.mgid.com
www.imdb.com
berkas.co

Subject Issuer	Validity	Valid
www.paste.co.id R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
inpagepush.com R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
seeptoag.net R3	`2021-03-04` - `2021-06-02`	3 months	crt.sh
qrcoder.co.uk cPanel, Inc. Certification Authority	`2021-03-14` - `2021-06-12`	3 months	crt.sh
berkas.co R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
bedrapiona.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
pseepsie.com R3	`2021-03-09` - `2021-06-07`	3 months	crt.sh
toglooman.com R3	`2021-03-13` - `2021-06-11`	3 months	crt.sh
onmarshtompor.com R3	`2021-04-06` - `2021-07-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.liadm.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
cdnativepush.com R3	`2021-04-25` - `2021-07-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
wowreality.info R3	`2021-02-06` - `2021-05-07`	3 months	crt.sh
dutorterraom.com R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://paste.co.id/lyEzHIQswT
Frame ID: 3F08A328BC9E64E5E5A0D5A00C615945
Requests: 118 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Frame ID: 1251CC43B7FC543A0F18FCEE4A9614BF
Requests: 1 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=24587bff2895429780482857a7e099a1&oaidts=1619746436
Frame ID: 2668C403B07C3CE7A868E3847210424A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1619746437&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619746436741&bpp=18&bdt=437&idt=554&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1553142138650&frm=20&pv=2&ga_vid=105621175.1619746437&ga_sid=1619746437&ga_hid=210655917&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060743&oid=3&pvsid=756054456240608&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=579
Frame ID: 455DC05906A9B79FA2A788B7AECF130A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2125710545&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619746437&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619746437763&bpp=4&bdt=1459&idt=5&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9af2596cc1a5f56d-2241f9d6f6c70018%3AT%3D1619746437%3ART%3D1619746437%3AS%3DALNI_MZFEBwMhbwwQF3onSYKPfin8_4ryg&prev_fmts=0x0&nras=2&correlator=1553142138650&frm=20&pv=1&ga_vid=105621175.1619746437&ga_sid=1619746437&ga_hid=210655917&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060743&oid=3&pvsid=756054456240608&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=qJ7LrOuHS3&p=https%3A//paste.co.id&dtd=17
Frame ID: 5FDEFBB9DF246BFAB02BA9F3421106DE
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1619746437802352546799
Frame ID: CF606397F432C4A2B9BB50156A312A0F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: E0EFDB8309AC38E27CED90932169E4CB
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 09E95D5F430A7A14E73033315BDF9675
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 65F05DF30AEF8A8385C0EFAB5781387D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F5A26871BD1399FB003692A71B04D4C9
Requests: 1 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/48/15/4b/38ca44eafd323cd4fd273702f6/0625425773465.png
Frame ID: D32D9586E3BA71CCEBFD0967E8567914
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

137
Requests

100 %
HTTPS

39 %
IPv6

37
Domains

50
Subdomains

40
IPs

6
Countries

1705 kB
Transfer

4255 kB
Size

9
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://widgets.mgid.com/?utm_source=paste.co.id&utm_medium=referral&utm_campaign=widgets&utm_content=997452
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy
Title:

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193526/i/57333099/0/pp/1/1?h=hKwf3onwIOmx9n-WfHQtqCgtFzCuBeCy9iutwYi7KXJPhEOIPpDj4hfxjOw02n1j&rid=21e9baa4-a954-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193528/i/57333099/0/pp/2/1?h=hKwf3onwIOmx9n-WfHQtqMm4IbSViogtnwpEZhlBxBeFMnr9VcjaUNR7If7yMBD8&rid=21e9baa4-a954-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164915/i/57333099/0/pp/3/1?h=hKwf3onwIOmx9n-WfHQtqL6MVIOWvh_aMEoovxxLFpvRSWn2JClAuQVF_BdFeiHl&rid=21e9baa4-a954-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164926/i/57333099/0/pp/4/1?h=hKwf3onwIOmx9n-WfHQtqIgPE32NXWWdYnGFdAp3lcpU7-o77RpSGIBdo9_d5wfz&rid=21e9baa4-a954-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.imdb.com/user/ur108624636/lists
Title: https://www.imdb.com/user/ur108624636/lists

Search URL Search Domain Scan URL

URL: https://www.imdb.com/user/ur108624693/lists
Title: https://www.imdb.com/user/ur108624693/lists

Search URL Search Domain Scan URL

URL: https://www.imdb.com/user/ur108624800/lists
Title: https://www.imdb.com/user/ur108624800/lists

Search URL Search Domain Scan URL

URL: https://www.imdb.com/user/ur108624510/lists
Title: https://www.imdb.com/user/ur108624510/lists

Search URL Search Domain Scan URL

URL: https://www.imdb.com/user/ur108624576/lists
Title: https://www.imdb.com/user/ur108624576/lists

Search URL Search Domain Scan URL

URL: https://www.imdb.com/user/ur108624235/lists
Title: https://www.imdb.com/user/ur108624235/lists

Search URL Search Domain Scan URL

URL: https://www.imdb.com/user/ur108624345/lists
Title: https://www.imdb.com/user/ur108624345/lists

Search URL Search Domain Scan URL

URL: https://www.imdb.com/user/ur108624436/lists
Title: https://www.imdb.com/user/ur108624436/lists

Search URL Search Domain Scan URL

URL: https://www.imdb.com/user/ur100400864/lists
Title: https://www.imdb.com/user/ur100400864/lists

Search URL Search Domain Scan URL

URL: https://www.imdb.com/user/ur107804755/lists
Title: https://www.imdb.com/user/ur107804755/lists

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965439/
Title: https://www.imdb.com/list/ls097965439/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965466/
Title: https://www.imdb.com/list/ls097965466/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965425/
Title: https://www.imdb.com/list/ls097965425/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965428/
Title: https://www.imdb.com/list/ls097965428/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965490/
Title: https://www.imdb.com/list/ls097965490/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097947519/
Title: https://www.imdb.com/list/ls097947519/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097947536/
Title: https://www.imdb.com/list/ls097947536/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097947538/
Title: https://www.imdb.com/list/ls097947538/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097947565/
Title: https://www.imdb.com/list/ls097947565/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097947569/
Title: https://www.imdb.com/list/ls097947569/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965678/
Title: https://www.imdb.com/list/ls097965678/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965611/
Title: https://www.imdb.com/list/ls097965611/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965638/
Title: https://www.imdb.com/list/ls097965638/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965669/
Title: https://www.imdb.com/list/ls097965669/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965677/
Title: https://www.imdb.com/list/ls097965677/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965683/
Title: https://www.imdb.com/list/ls097965683/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965202/
Title: https://www.imdb.com/list/ls097965202/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965251/
Title: https://www.imdb.com/list/ls097965251/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965270/
Title: https://www.imdb.com/list/ls097965270/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965279/
Title: https://www.imdb.com/list/ls097965279/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965269/
Title: https://www.imdb.com/list/ls097965269/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965226/
Title: https://www.imdb.com/list/ls097965226/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965240/
Title: https://www.imdb.com/list/ls097965240/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965295/
Title: https://www.imdb.com/list/ls097965295/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097965285/
Title: https://www.imdb.com/list/ls097965285/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097917403/
Title: https://www.imdb.com/list/ls097917403/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097917408/
Title: https://www.imdb.com/list/ls097917408/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097917453/
Title: https://www.imdb.com/list/ls097917453/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097917459/
Title: https://www.imdb.com/list/ls097917459/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097917471/
Title: https://www.imdb.com/list/ls097917471/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097917256/
Title: https://www.imdb.com/list/ls097917256/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097917259/
Title: https://www.imdb.com/list/ls097917259/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097917277/
Title: https://www.imdb.com/list/ls097917277/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097917210/
Title: https://www.imdb.com/list/ls097917210/

Search URL Search Domain Scan URL

URL: https://www.imdb.com/list/ls097917214/
Title: https://www.imdb.com/list/ls097917214/

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164840/i/57333099/0/pp/1/1?h=hKwf3onwIOmx9n-WfHQtqNqGKdhn2_IfPSahlJCdpZEc8WL78FKD97P3cug7HDsA&rid=21ed0bf1-a954-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193518/i/57333099/0/pp/2/1?h=hKwf3onwIOmx9n-WfHQtqB7atdMgHrmjbNBx4PYjYgo3kh558ZAS_BXfWl80TK8w&rid=21ed0bf1-a954-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164849/i/57333099/0/pp/3/1?h=hKwf3onwIOmx9n-WfHQtqDIdRfsank2YI8Lh79Nzy872QAK90xoeQZ5dSB-Wm202&rid=21ed0bf1-a954-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164870/i/57333099/0/pp/4/1?h=hKwf3onwIOmx9n-WfHQtqB149ivDSAdJcsaChVERF1WonxG-vCXhR2U_GT8ntm-H&rid=21ed0bf1-a954-11eb-91aa-d094662c1c35&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193535/i/57333099/0/pp/1/1?h=hKwf3onwIOmx9n-WfHQtqM3vgbqyHHq_UkW_50gGwC8PxqWoP-lBDW3tejZNjIH8&rid=21f103c2-a954-11eb-affa-d094662f8ab5&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8164889/i/57333099/0/pp/2/1?h=hKwf3onwIOmx9n-WfHQtqIrqLZS5l3LJFa1nWh5hZnNwajbLkYrozRZk0ljU07le&rid=21f103c2-a954-11eb-affa-d094662f8ab5&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193516/i/57333099/0/pp/3/1?h=hKwf3onwIOmx9n-WfHQtqB6DBmVBcD8p-htkT7PehW4CBJe2doNLVyZYegJvY0lI&rid=21f103c2-a954-11eb-affa-d094662f8ab5&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/8193493/i/57333099/0/pp/4/1?h=hKwf3onwIOmx9n-WfHQtqPSyonNtjfAfyJ2QCl3ohJJHso0vCASrXclH0mcD5g0C&rid=21f103c2-a954-11eb-affa-d094662f8ab5&tt=Direct&gbpp=1&abd=1&iv=11&ct=1

Search URL Search Domain Scan URL

URL: https://berkas.co/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 98

https://x.bidswitch.net/sync?dsp_id=303&user_id=l3tVAkOX8wxi HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l3tVAkOX8wxi HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=8b197032-a0e0-42e1-a082-fbc180e18e22 HTTP 303
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=8b197032-a0e0-42e1-a082-fbc180e18e22&_li_chk=true&previous_uuid=c6c608ffb0974cc894dcb18a0fc78be8 HTTP 303
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=8b197032-a0e0-42e1-a082-fbc180e18e22

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDN0VkFrT1g4d3hp&muidn=l3tVAkOX8wxi HTTP 302
https://cm.mgid.com/google?muidn=l3tVAkOX8wxi&google_ula={guid},5&google_gid=CAESEP3F1jPvy_Z-wZhZ8uXh6yU&google_cver=1

Request Chain 101

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=mgid&bsw_custom_parameter=8b197032-a0e0-42e1-a082-fbc180e18e22 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mkd32ef232-b07d-495e-b661-e35986e5ef94&expires=7&user_group=5&ssp=mgid&bsw_param=8b197032-a0e0-42e1-a082-fbc180e18e22 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=8b197032-a0e0-42e1-a082-fbc180e18e22&gdpr=&gdpr_consent=&us_privacy=

Request Chain 102

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=WZ4tAk1Liq6VQ9JoE3kh&pi=mgid&tc=1

Request Chain 103

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=ee7d0966-c16d-4cc3-91fe-4ef4417e0c3a&ttl=1622338438

Request Chain 105

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1619746438080&ns_c=UTF-8&cv=3.5&c8=user%2Fur107804755%2Flists%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619746438080&ns_c=UTF-8&cv=3.5&c8=user%2Fur107804755%2Flists%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&c9=

137 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request lyEzHIQswT Show response
paste.co.id/ 85 KB
23 KB 3340ms
3214ms Document
text/html 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed / PHP/7.3.24
Resource Hash: c44b0e97587314c73ebd650f505d0f4aff908efc01fa8aa5976b8396be780d71

Request headers

:method: GET
:authority: paste.co.id
:scheme: https
:path: /lyEzHIQswT
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by: PHP/7.3.24
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
set-cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; expires=Fri, 30-Apr-2021 03:33:56 GMT; Max-Age=7200; path=/; secure pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D; expires=Fri, 30-Apr-2021 03:33:56 GMT; Max-Age=7200; path=/; httponly; secure
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Apr 2021 01:33:56 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 29ms
14ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 3299792
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c2024cfe000016eadc917000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 50f270cef956c80b14f61fa9ad96c573
cf-ray: 647d065b39ff16ea-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-Q050 200 bootstrap.min.css
paste.co.id/css/ 138 KB
18 KB 143ms
62ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/bootstrap.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

:path: /css/bootstrap.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/lyEzHIQswT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18785
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H3-Q050 200 mdb.min.css
paste.co.id/css/ 226 KB
23 KB 138ms
57ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/mdb.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045

Request headers

:path: /css/mdb.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/lyEzHIQswT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23078
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 27ms
12ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1775377
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1624
cf-request-id: 09c2024d00000053734396d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tujy0r1ujb%2FDHBUa4bmiHku1Qar3thkgsIxmWfHxP6rtTRj%2BT5Q7FZ0YxxqIyZx7YsAgxiZ1m35b6bpETI938rk5uW8kgFC%2BgegmW8Db7vCD383AG%2BdnrCPi8IdE5DVHhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 647d065b3c285373-FRA
expires: Wed, 20 Apr 2022 01:33:56 GMT

GET
H3-Q050 200 special.min.css
paste.co.id/css/skins/ 3 KB
823 B 154ms
74ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/skins/special.min.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b

Request headers

:path: /css/skins/special.min.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/lyEzHIQswT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
last-modified: Wed, 24 Apr 2019 12:08:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 776
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H3-Q050 200 app.min.css
paste.co.id/css/ 648 B
264 B 154ms
74ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/css/app.min.css?v=1.2
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b

Request headers

:path: /css/app.min.css?v=1.2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/lyEzHIQswT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
last-modified: Fri, 05 Jun 2020 17:06:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 217
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H3-Q050 200 prism-okadia.css
paste.co.id/plugins/prismjs/ 13 KB
3 KB 154ms
74ms Stylesheet
text/css 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism-okadia.css
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6

Request headers

:path: /plugins/prismjs/prism-okadia.css
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/lyEzHIQswT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:43:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3349
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
48 KB 45ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3df28cede092d9f3eb4ced65063bc126e298b7e03c1f587a3f42dadc6909dbfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48362
x-xss-protection: 0
server: cafe
etag: 11736008493392425597
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 01:33:56 GMT

GET
H2 200 3509488 Show response
inpagepush.com/400/ 82 KB
29 KB 190ms
81ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3509488

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a1362e2010a9c67e3ccdd9408414d9936c9505231f03907473112a9bfb29342b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 9c57762160278b17189e068ae8546554
pragma: no-cache
date: Fri, 30 Apr 2021 01:33:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK ntfc.php Show response
seeptoag.net/ 14 KB
6 KB 181ms
52ms Script
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/ntfc.php?p=3534037
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 031f00b22a8c37dc6f3a8ea8e33f3d958a579bb1fcddc00c9409a24d1e07c259

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 01:33:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:58 GMT
Server: nginx
ETag: W/"6086a8aa-380b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3-Q050 200 default-avatar.png
paste.co.id/img/ 7 KB
7 KB 63ms
60ms Image
image/png 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paste.co.id/img/default-avatar.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517

Request headers

:path: /img/default-avatar.png
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/lyEzHIQswT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
last-modified: Wed, 28 Nov 2018 16:58:44 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6957
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H2 200 paste.co.id.997452.js Show response
jsc.mgid.com/p/a/ 279 KB
69 KB 228ms
163ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eff3e7a084be3c610ab7c8e6f65f858cdcd98d797fa1a3051551b2c618165af

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: EB0G96VDT7BSC3A5
cf-polished: origSize=285671
last-modified: Sat, 24 Apr 2021 05:54:59 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: WFiL7zR+4utb7mEWm5ehIK0n/BbsfBigXn+qbBOs0idGg7/2jT0pGyFFFo8MQtOWMCjGq0uMyys=
cf-bgj: minify
server: cloudflare
etag: W/"a2e60b0a1a6d38111104a70d121a5f4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 09c2024e4200001d0efd027000000001
cf-ray: 647d065d3dd81d0e-CPH
expires: Fri, 30 Apr 2021 04:33:56 GMT

GET
H2 200 paste.co.id.914924.js Show response
jsc.mgid.com/p/a/ 278 KB
69 KB 140ms
74ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c66349b55d5d119b585c2ddf90e9f934d4a2ea9277001e5276763b9db4d99ae7

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: PA38FM0919HEX2Z1
cf-polished: origSize=285004
last-modified: Thu, 22 Apr 2021 10:47:26 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: YKQyMdxJhcppqsLGYQTUlRenuV+fGWvMCkJ6nsC8h8AJTQU1sm2wPPi+rgZKl/L7RRvMhGvmRro=
cf-bgj: minify
server: cloudflare
etag: W/"736e373c39b5239eab92f19d9014a4a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 09c2024e4300001d0e55215000000001
cf-ray: 647d065d3dd91d0e-CPH
expires: Fri, 30 Apr 2021 04:33:56 GMT

GET
H/1.1 403
Forbidden /
www.qrcoder.co.uk/api/v1/ 0
0 229ms
64ms Image
text/html 109.203.125.88
NODE4-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.qrcoder.co.uk/api/v1/?size=4&text=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 109.203.125.88 , United Kingdom, ASN31727 (NODE4-AS, GB),
Reverse DNS: euk-88894.eukservers.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK logo.png
berkas.co/ds1/img/ 4 KB
4 KB 179ms
51ms Image
image/png 173.249.18.21
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://berkas.co/ds1/img/logo.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.249.18.21 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: berkas.co
Software: nginx/1.16.1 / RHZ SECURITY
Resource Hash: 5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 01:33:56 GMT
ETag: "e5e-5a81d91e86dc0"
Last-Modified: Mon, 15 Jun 2020 11:17:19 GMT
Server: nginx/1.16.1
X-Powered-By: RHZ SECURITY
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3678

GET
H3-29 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 85 KB
28 KB 22ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3298897
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27433
cf-request-id: 09c2024d9b0000d6b562301000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zSL5y8EZugOVn2eMdRRurthHMPaC9bWBgQtXMkDocnPLCoa7j%2BkIaM8yt65BUx3BFEuSxwF83x6UoNMSVVjDi5CMVcjeS0lej%2FcC5C0gG3amitQUKMjs%2FBd0jwDwPNX%2FIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 647d065c2fa6d6b5-FRA
expires: Wed, 20 Apr 2022 01:33:56 GMT

GET
H3-Q050 200 bootstrap.min.js Show response
paste.co.id/js/ 50 KB
13 KB 52ms
52ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/bootstrap.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

:path: /js/bootstrap.min.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/lyEzHIQswT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13321
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H3-Q050 200 mdb.min.js Show response
paste.co.id/js/ 204 KB
60 KB 52ms
52ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/mdb.min.js?v=2
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669

Request headers

:path: /js/mdb.min.js?v=2
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/lyEzHIQswT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 22:15:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 60877
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H3-29 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/ 65 KB
16 KB 16ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/js/select2.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3298005
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15668
cf-request-id: 09c2024de90000d6b57d877000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-1042e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oWEQSwJLeniUylv6u4PjjzEjnrIYUlTyZML1nXmE3ezgrSn9Ur6c7vlSyWwf5g4%2FYeNKSHGdVpJTUyr6Dk7S5RwtsV6uNm9RwaYXgp%2BBnfQOXbA4%2BZaSWajvGzMHpQZGaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 647d065caff6d6b5-FRA
expires: Wed, 20 Apr 2022 01:33:56 GMT

GET
H3-Q050 200 ads.js Show response
paste.co.id/js/ 22 B
68 B 62ms
59ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/ads.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/lyEzHIQswT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
last-modified: Sat, 14 Mar 2020 00:25:06 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H3-Q050 200 app.min.js Show response
paste.co.id/js/ 1 KB
688 B 62ms
59ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/js/app.min.js?v=1.5
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93

Request headers

:path: /js/app.min.js?v=1.5
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/lyEzHIQswT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
last-modified: Sat, 14 Mar 2020 00:34:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 639
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H3-Q050 200 prism.js Show response
paste.co.id/plugins/prismjs/ 328 KB
115 KB 63ms
59ms Script
application/javascript 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/plugins/prismjs/prism.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a

Request headers

:path: /plugins/prismjs/prism.js
pragma: no-cache
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paste.co.id/lyEzHIQswT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
last-modified: Sat, 24 Nov 2018 17:17:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 117930
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 32ms
28ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3162031f39233876ba2e771083fc9610dce8dee37dfb4734ba66ececbec9b60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35851
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Apr 2021 01:33:56 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 56 KB
19 KB 34ms
16ms Script
application/javascript 2606:4700:20::ac43:4b09
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ff25efa17b3ef606970b0dfaea5635df630694c14abc9ca2ab14266267015ff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
timing-allow-origin: *
age: 14911
access-control-allow-methods: GET, POST, OPTIONS
cf-request-id: 09c2024dfa000005bf4eb46000000001
x-trace-id: e242f1d180593a48e1d96d16a85f175d
pragma: no-cache
last-modified: Thu, 29 Apr 2021 09:56:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xPaLIeQiSMNDrooL%2BvjKcGX%2Be215UXYFgGsZGICLEHtGpHgJTL%2Fjwnz7qYR4ri9pSddovGd9Vxev5BK%2FXKiaKboNSbaIe7tmBh9J95WeQ7JTUxFwQq1w2Oc2"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 647d065ccbba05bf-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Fri, 30 Apr 2021 21:25:25 GMT

GET
H3-Q050 200 Roboto-Light.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 67ms
64ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Light.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
:path: /font/roboto/Roboto-Light.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 49380
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 22ms
21ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://paste.co.id
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617, 617
age: 383085
cdn-cachedat: 2021-04-25 14:59:11
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 09c2024ded00002b89371bc000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: ad23ed6858a4b4a150ba80a4f4e1ddc8
accept-ranges: bytes
cf-ray: 647d065ca82c2b89-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-Q050 200 Roboto-Regular.woff2
paste.co.id/font/roboto/ 48 KB
48 KB 76ms
74ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Regular.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
:path: /font/roboto/Roboto-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 49236
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H3-Q050 200 Roboto-Bold.woff2
paste.co.id/font/roboto/ 49 KB
49 KB 51ms
51ms Font
font/woff2 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/font/roboto/Roboto-Bold.woff2
Requested by: Host: paste.co.id
URL: https://paste.co.id/css/mdb.min.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D
:path: /font/roboto/Roboto-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/css/mdb.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://paste.co.id
Referer: https://paste.co.id/css/mdb.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
last-modified: Thu, 08 Nov 2018 15:15:02 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 49976
expires: Fri, 07 May 2021 01:33:56 GMT

GET
H2 200 / Show response
bedrapiona.com/5/3724584/ 3 KB
2 KB 240ms
132ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3724584/?oo=1
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3ed701c1f69c39826ef0ce4f62237c3329a15b0987724ff0b49c7650790559a2

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 47b4ebb890c88efaf3f208595bde54fb
pragma: no-cache, no-cache
date: Fri, 30 Apr 2021 01:33:54 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://paste.co.id
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ 223 KB
82 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4712388827405335&plah=paste.co.id&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84347
x-xss-protection: 0
server: cafe
etag: 8033165652557143678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 01:33:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/ Frame 1251 10 KB
5 KB 58ms
5ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210428/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Apr 2021 01:17:06 GMT
expires: Fri, 14 May 2021 01:17:06 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 1010
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
4 KB 16ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/plugins/prismjs/prism.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3298864
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2905
cf-request-id: 09c2024fea0000d6b5723d0000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BeZWeVuicnWyygvThfO0aF9rPj2z3O8n6MDrNS8YajMQqL0eWjGUrK%2BMcyyktfRTZRk4DUI7cFEeEXVsWUSR7%2F4paJVNibnFxRC8zS6wZh0lMBInldtio4MAtgmMXqilew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 647d065fda26d6b5-FRA
expires: Wed, 20 Apr 2022 01:33:57 GMT

GET
H2 200 3724582 Show response
inpagepush.com/400/ 82 KB
29 KB 62ms
61ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3724582

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4d6283e374a7a7a13eeea4784cd4a7daaa6dd0ea995dd95052ff6c09af6a310f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: d4a721fc16e2fb35c0dee507710042a1
pragma: no-cache
date: Fri, 30 Apr 2021 01:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK tag.min.js Show response
pseepsie.com/pfe/current/ 14 KB
6 KB 164ms
52ms Script
application/javascript 139.45.196.136
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.136 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7c45c9bf3189b8c7a74c01957bd346d229e623aaa4cc215560499e83887b2d10

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 01:33:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:58 GMT
Server: nginx
ETag: W/"6086a8aa-380a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 1 Show response
toglooman.com/ 7 KB
4 KB 165ms
53ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=3724583
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ce05d31875267ec6843d521534b8caff63650ffb99e890e99096862577b5a1f2

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: gzip
x-sc: zzR2wE0Ae6263Y5XcZvcJ2bquagFlZdHa40l-yAXNF3_CE4PQviD66bkV0vg1ufrLB65YYFuTpkiTcCfxpMqX2Ic6u4=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 2668 203 B
811 B 160ms
51ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=24587bff2895429780482857a7e099a1&oaidts=1619746436

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9ca8263f2c0cc38b5a8063185d49ae8567f65bbebdf8df5c7e706bb1e3289f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=24587bff2895429780482857a7e099a1&oaidts=1619746436
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

server: nginx
date: Fri, 30 Apr 2021 01:33:51 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: 1d450b614560a5ab42197213260cfd30
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=24587bff2895429780482857a7e099a1; expires=Sat, 30 Apr 2022 01:33:57 GMT; path=/; secure; SameSite=None oaidts=1619746436; expires=Sat, 30 Apr 2022 01:33:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

POST
H3-Q050 200 get-paste Show response
paste.co.id/ 3 KB
1 KB 752ms
752ms XHR
application/json 5.189.137.168
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://paste.co.id/get-paste
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 5.189.137.168 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi465240.contaboserver.net
Software: LiteSpeed / PHP/7.3.24
Resource Hash: ae337cc04d8d39b2fe8897cceddd711ad2443b88743afcf8ef3e95163ed22a70

Request headers

sec-fetch-mode: cors
origin: https://paste.co.id
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: XSRF-TOKEN=eyJpdiI6IktJbjU1SHdEVUFyUlJpaVBETkEzbVE9PSIsInZhbHVlIjoiTHZaS3FRXC9URjdJdlVQd1JRXC95V2JZNDNyZ0VDRTFLd3JxcSt1SGVGOWNTUHQ5Y0ExUk92Wm5GM014WFBlV0tZIiwibWFjIjoiN2E4M2Y5MGUyYWY1OTk5ODFiMjBiYWQ1NmU2Y2M2NWU0OGZlNzk3ZTJkY2QyODAyYTJkMGExZWQwZTAwOTI0YiJ9; pasteshr_session=eyJpdiI6Im9BN2paTEhQbVhTQjNDUldIRE5XQkE9PSIsInZhbHVlIjoidmVjNExxdWJ1M1wvSDZibysySFAxRlwvXC9pdkZxK25qdmpzaHpRY0NmZjJ3anZCQXhhd1lQU2QwQWhkWjhIZE1rUSIsIm1hYyI6ImFiZjkxMDgzZDc1ZmRhMjE2MmZlNzQ2ODRkOGVlN2I0ZDE0MDczNmM5Mjc3MmYwMzJkYzdiNzY1M2I1YzA0MjUifQ%3D%3D; __PPU_BACKCLCK_3724584=true
content-length: 63
:path: /get-paste
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: paste.co.id
referer: https://paste.co.id/lyEzHIQswT
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://paste.co.id/lyEzHIQswT
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/7.3.24
vary: Accept-Encoding
content-type: application/json
x-ratelimit-remaining: 58
cache-control: no-cache, private
x-ratelimit-limit: 60
set-cookie: XSRF-TOKEN=eyJpdiI6IjJOalNWUXVcL01ZOUdNcTJpWk41Y09nPT0iLCJ2YWx1ZSI6IlZnZzVQZmlIWU1DcEtUTVliZlE5MDR0WkJXMDVmMjRtcWRYOFRnXC9Sa2Nid0o0cGJ4RkVlZ0Voa094RENnWkx0IiwibWFjIjoiNzliOTk1MWE1MzdlZDdhMjJjZTAyMGVjN2U4MDNmNGFmMTNmNDc5OTQxNDMwMGVlNjY2NmU4MzkzNGQzZGUzNyJ9; expires=Fri, 30-Apr-2021 03:33:57 GMT; Max-Age=7200; path=/; secure pasteshr_session=eyJpdiI6Im1EY0FtV2tqXC9EeThueHBMZEw4UHZRPT0iLCJ2YWx1ZSI6InhZSVFyM0hvWUlRSGs4aUpuWDVtVzByM3dNZHNMRkN1N1hLWlF4SkNFM04wanVlV2hjOWs1NTZkTktGZFwvTlhTIiwibWFjIjoiOWZjMTM2YTY4NTM4MzliZmI2MWI2NTk4NzkwY2I2OTBiMjlmNzY5MjhjN2EwNjQ4YmIyNTI0YzdmMGYzMjUyYiJ9; expires=Fri, 30-Apr-2021 03:33:57 GMT; Max-Age=7200; path=/; httponly; secure
content-length: 455

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 46ms
32ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-174907544-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3248be3438142ce651b1109b664870b66c21fc28e8c5695654917a9cf66607dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35864
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Apr 2021 01:33:57 GMT

GET
H/1.1 200
OK zone Show response
seeptoag.net/ 717 B
1 KB 53ms
53ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/zone?pub=0&zone_id=3534037&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

6c72f8e8f83cc5336e5aa688c0a9e141d7d3ec5f59e705ea46f9ed601178f065

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: ad99d050751b4ebada2276a9559e888a
Date: Fri, 30 Apr 2021 01:33:57 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 717

GET
H/1.1 200
OK universal.min.js Show response
seeptoag.net/pfe/current/ 107 KB
38 KB 186ms
82ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/universal.min.js?v=3.1.291
Requested by: Host: seeptoag.net
URL: https://seeptoag.net/ntfc.php?p=3534037
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 01:33:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:58 GMT
Server: nginx
ETag: W/"6086a8aa-1ab55"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 00:10:40 GMT
server: ESF
date: Fri, 30 Apr 2021 01:33:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Apr 2021 01:33:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
619 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 30 Apr 2021 00:14:11 GMT
server: ESF
date: Fri, 30 Apr 2021 01:33:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Apr 2021 01:33:57 GMT

GET
H2 200 MGID_plus.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 37ms
35ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2303
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: B9201827F81D32DC
x-amz-id-2: oKgOzNf5arXSuLpawmQDb8wF7AHHBYdedIxY85YAn8qIfNXdz81xtOQ1yH8O6og8UfPiWO7QqMs=
last-modified: Tue, 23 Feb 2021 16:22:15 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag: W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 09c202508900001d0e51062000000001
cf-ray: 647d0660dfcc1d0e-CPH
expires: Sat, 01 May 2021 01:33:57 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1011 B 36ms
35ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: br
cf-cache-status: HIT
age: 2303
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1D76EA8A206ECCA7
x-amz-id-2: lDknoZ+PjBnoUXPCB23wx2Qe85exuRo8TYxKWQhUypnILC9L/y8Csv7mWGGtYjTXsNVPMSG83Fo=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-request-id: 09c202508900001d0e2d33f000000001
cf-ray: 647d0660dfce1d0e-CPH
expires: Sat, 01 May 2021 01:33:57 GMT

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
640 B 186ms
65ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=paste.co.id&callback=_gfp_s_&client=ca-pub-4712388827405335

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4712388827405335&plah=paste.co.id&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ebc0610ef7904623b283f5b8872166aff2309963a7c645c3be1eacc13311a30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 455D 3 KB
639 B 89ms
87ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1619746437&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619746436741&bpp=18&bdt=437&idt=554&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1553142138650&frm=20&pv=2&ga_vid=105621175.1619746437&ga_sid=1619746437&ga_hid=210655917&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060743&oid=3&pvsid=756054456240608&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=579

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f47c370f381d424292fc7b38dd98801aafa6d76b3f6895013d6ed2880559e31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&adk=1812271804&adf=3025194257&lmt=1619746437&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619746436741&bpp=18&bdt=437&idt=554&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1553142138650&frm=20&pv=2&ga_vid=105621175.1619746437&ga_sid=1619746437&ga_hid=210655917&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060743&oid=3&pvsid=756054456240608&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=579
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Apr 2021 01:33:57 GMT
server: cafe
content-length: 616
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Apr-2021 01:48:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 01:33:57 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631702402874"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:33:57 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
306 B 160ms
158ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1619746437371651257746&uniqId=0be3f&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&lu=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&pageView=1&site=414527&pvid=179206938fb939644ad&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d0661b8511d0e-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c202511400001d0e21b44000000001

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 258200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 27 Apr 2022 01:50:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 35908
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 29 Apr 2022 15:35:29 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 12:08:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 566716
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Sat, 23 Apr 2022 12:08:41 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paste.co.id
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 274717
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 26 Apr 2022 21:15:20 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
151 B 144ms
143ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?w=844&h=249&cols=2&pv=5&cbuster=1619746437523867539434&uniqId=1672f&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&lu=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&pageView=0&site=414527&pvid=179206939939b71d313&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.914924.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d0662a8d41d0e-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c20251a900001d0e052bc000000001

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 74ms
72ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?pv=5&cbuster=1619746437575433836314&uniqId=0be3f&niet=4g&nisd=false&w=840&h=233&p3_w=201&p3_h=189&maxw_3=201&maxh_3=189&cols=4&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&lu=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&pageView=1&pvid=179206939c8b97e4d3b&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 240fc3d0db66576da23635c8fa9a2dbb7c5b752b3173a53bb104aefc6e050f4d

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d0662f90e1d0e-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c20251de00001d0e2d348000000001

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 67ms
66ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=840&h=231&p3_w=201&p3_h=187&maxw_3=201&maxh_3=187&cols=4&pv=5&cbuster=1619746437604144959777&uniqId=0fe88&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&lu=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&pageView=0&pvid=179206939e5a6c50f5f&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c516ac25cec34a5dcf4717efa0e3ae5a31766e537163fd4d3c33a9481495019

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d0663291e1d0e-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c20251fa00001d0e2214f000000001

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 156ms
51ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ac4cb91547723c69656a2a7925e23c41353a19df2459456f6c92671709304ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:54 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 1 Show response
servicer.mgid.com/997452/ 3 KB
1 KB 66ms
66ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/997452/1?w=255&h=430&p3_w=90&p3_h=183&maxw_3=90&maxh_3=183&cols=2&pv=5&cbuster=1619746437632836134951&uniqId=066a8&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&lu=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&pageView=0&pvid=17920693a00a7884afa&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e4429103953674dfb1ca4f73406c393431cd0358807932b4980537aa1f653b3

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d066359341d0e-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c202521500001d0e2cb02000000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137362802-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6804
date: Thu, 29 Apr 2021 23:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 30 Apr 2021 01:40:33 GMT

GET
H/1.1 200
OK zone Show response
pseepsie.com/ 686 B
1 KB 53ms
53ms Fetch
application/json 139.45.196.136
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/zone?pub=0&zone_id=4022315&is_mobile=false&domain=paste.co.id&var=&ymid=&var_3=

Requested by

Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.136 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7371eea431b42e3113bd80edcfa3cf6667b7151cdb38c4b70b09069c13cfc8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: 5691b9cc46f0c481a609683678252d62
Date: Fri, 30 Apr 2021 01:33:57 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 686

GET
H/1.1 200
OK universal.min.js Show response
pseepsie.com/pfe/current/ 107 KB
38 KB 185ms
82ms Fetch
application/javascript 139.45.196.136
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/universal.min.js?v=3.1.291
Requested by: Host: pseepsie.com
URL: https://pseepsie.com/pfe/current/tag.min.js?z=4022315
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.136 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 01:33:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:58 GMT
Server: nginx
ETag: W/"6086a8aa-1ab55"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 059f1ff61dcd9896b638ba20ebcfd0d2 Show response
toglooman.com/27/ 362 KB
119 KB 66ms
66ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/059f1ff61dcd9896b638ba20ebcfd0d2

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=3724583

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e32234b6ab1d130b61389962423531dd44198600286e4d274ad08283f7deebb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 09:49:29 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Wed, 28 May 2081 09:49:29 GMT

GET
H2 200 38 Show response
toglooman.com/42/ 0
635 B 123ms
123ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=3724583
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=3724583
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:57 GMT
x-sc: 20b67-L_DaX2XG4FnSBloN6TmM4zD0XrIMwHc0v7b7XeqJ--KYsSHDfsvrZ6e0f5UtMz3O3zHuNbhklPU_XdBkLXBRs=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 2668 43 B
490 B 52ms
51ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=24587bff2895429780482857a7e099a1

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=24587bff2895429780482857a7e099a1&oaidts=1619746436

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:54 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paste.co.id

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5FDE 405 B
229 B 68ms
67ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2125710545&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619746437&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619746437763&bpp=4&bdt=1459&idt=5&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9af2596cc1a5f56d-2241f9d6f6c70018%3AT%3D1619746437%3ART%3D1619746437%3AS%3DALNI_MZFEBwMhbwwQF3onSYKPfin8_4ryg&prev_fmts=0x0&nras=2&correlator=1553142138650&frm=20&pv=1&ga_vid=105621175.1619746437&ga_sid=1619746437&ga_hid=210655917&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060743&oid=3&pvsid=756054456240608&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=qJ7LrOuHS3&p=https%3A//paste.co.id&dtd=17

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42069355b36bdc6751b178b52728c41fb774e59f62c491da3e88e1b41f03151b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4712388827405335&output=html&h=280&adk=1213588912&adf=2125710545&pi=t.aa~a.2711115096~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619746437&rafmt=1&to=qs&pwprc=6603505382&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619746437763&bpp=4&bdt=1459&idt=5&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9af2596cc1a5f56d-2241f9d6f6c70018%3AT%3D1619746437%3ART%3D1619746437%3AS%3DALNI_MZFEBwMhbwwQF3onSYKPfin8_4ryg&prev_fmts=0x0&nras=2&correlator=1553142138650&frm=20&pv=1&ga_vid=105621175.1619746437&ga_sid=1619746437&ga_hid=210655917&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060743&oid=3&pvsid=756054456240608&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=qJ7LrOuHS3&p=https%3A//paste.co.id&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Apr 2021 01:33:57 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUkKXUUsoF4sRQMHtdvHmpz0--Uo2eYq95yrFJIJsLIrXdSHWL_SqWzMJtqUJH4; expires=Wed, 25-May-2022 01:33:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 01:33:57 GMT
cache-control: private

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
825 B 73ms
72ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1619746437797366638665
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 587beaebd769abadfa42c4c8d9249819e2093fec9c2c7aca3a0d0b9b29df76a1

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: e7df3733-455b-4838-9369-06dc1dbf0568
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d066459a71d0e-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c20252bb00001d0ede17b000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame CF60 19 B
621 B 69ms
69ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1619746437802352546799
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 33d4b36f-7d47-40a3-8581-b32d32f99184
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d066469ab1d0e-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c20252be00001d0e1080d000000001
server: cloudflare

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 186ms
60ms Script
application/javascript 99.84.144.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-111.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:06:44 GMT
via: 1.1 b46ec6462593127fefb6ecac53956825.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1634
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 1wkjlFJWgsZHyfBjhZ91z1JjESq4QP75NsWtp4qyh5RIOburTv-mtA==

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.mgid.com/g/8193526/492x328/0x26x798x532/ 19 KB
19 KB 48ms
46ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193526/492x328/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1619746437-uhjb_5W8CuwyncZ3xBgmNwwve9ObduMdOU7AlVyLkvk
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8882124ecc46145f8dd2c4723888f2510a0ef0fc2ad527786b21b7ea6801361a

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: f2823b8e-3139-4e11-a149-8976962a6404
age: 592764
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19080
cf-request-id: 09c20252c200001d0e38b44000000001
last-modified: Wed, 10 Feb 2021 07:15:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066469b11d0e-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzQ0N2UwYWEyZjFmYjU0OWMwMThiMmI1NDQ5YjFjMTgwLmpwZw.webp
s-img.mgid.com/g/8193528/492x328/0x81x600x400/ 8 KB
9 KB 41ms
39ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193528/492x328/0x81x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDUvMTAxOTI0LzQ0N2UwYWEyZjFmYjU0OWMwMThiMmI1NDQ5YjFjMTgwLmpwZw.webp?v=1619746437-CPRLPrL6fPOADg8WyLLwr4JMGPzcfmcBhwg84AcZ83M
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb948a83c0273180b468b91a1f0d700f9945fe4d1f7e7b5b81e4ce163c3c60d3

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: 6948ef21-04d9-414f-aa38-2a047b4b111b
age: 6803681
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8620
cf-request-id: 09c20252c200001d0ee223f000000001
last-modified: Wed, 10 Feb 2021 07:15:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066469b31d0e-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDgvMTAxOTI0LzQ5OWRlMmE5YzFhNTM5ODdkOGU3ZmMxODdkNmJhZWVmLmpwZWc_dD0xNTM5MDI5MjE0OTM4.webp
s-img.mgid.com/g/8164915/492x328/0x42x520x346/ 16 KB
16 KB 43ms
42ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164915/492x328/0x42x520x346/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTAtMDgvMTAxOTI0LzQ5OWRlMmE5YzFhNTM5ODdkOGU3ZmMxODdkNmJhZWVmLmpwZWc_dD0xNTM5MDI5MjE0OTM4.webp?v=1619746437-MuYImVxoxnkgxq04yprlF8fuS89QDH1CNF9xlAYRfzQ
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 843be5a31abe5891100de97d89e995a52ede4fa9461f45ef1cebbbe808912f86

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: a7ba4e97-28ed-4a0c-bc41-fd186bb53099
age: 591345
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16026
cf-request-id: 09c20252c200001d0e1504e000000001
last-modified: Mon, 08 Feb 2021 10:20:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066469b41d0e-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC80YTk1MWFiN2Y5NDlkYzUzNTlhMDQzOTg0MzllZmMwMi5wbmc.webp
s-img.mgid.com/g/8164926/492x328/0x76x597x398/ 15 KB
15 KB 38ms
37ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164926/492x328/0x76x597x398/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC80YTk1MWFiN2Y5NDlkYzUzNTlhMDQzOTg0MzllZmMwMi5wbmc.webp?v=1619746437-olVfDX0LbJFbJVhjw6U4yAdCL8BWBEZSvKREH03huCY
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96be413e3a3b82a5507eea75872e33cf0ec0e92273075073c58f3b32c19e67c

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: 21c1a689-e349-4b7e-8249-4b2d8e08822a
age: 592586
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15542
cf-request-id: 09c20252c100001d0e2104d000000001
last-modified: Mon, 08 Feb 2021 10:20:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066469af1d0e-CPH

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC83ZGUzZjkyZjQ2ZTc5OTRjZ...
s-img.mgid.com/g/8164840/492x328/-/ 18 KB
18 KB 58ms
57ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164840/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC83ZGUzZjkyZjQ2ZTc5OTRjZWVmNDY1MDA5MzhhMzFjMy5qcGc.webp?v=1619746437-0Y-tac7sjMmEFO9gh4BD05ezwPywhSyUmvQYLWBFzNo
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adb7d542ec2bea4907ac7cc212204ff1a656de69f78206384d64228f40beb815

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: 23c71807-2008-4156-99dc-e588e596e0cc
age: 592764
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18044
cf-request-id: 09c20252d700001d0e21b4d000000001
last-modified: Mon, 08 Feb 2021 10:20:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066489c31d0e-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2FlN2U2N2JjOGZkZjhjYTYzYjUxZjAyMmE5MjM1ZWE2LmpwZWc.webp
s-img.mgid.com/g/8193518/492x328/51x14x674x449/ 10 KB
11 KB 53ms
52ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193518/492x328/51x14x674x449/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDQvMTAxOTI0L2FlN2U2N2JjOGZkZjhjYTYzYjUxZjAyMmE5MjM1ZWE2LmpwZWc.webp?v=1619746437-Q_xFRDHqABChG0MOry0EwwF28VaE-2KYAJyCz00xS24
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653c87ed6c7eb7fe23dfc3bbe5ab1799cba3bd1bbda3ad2748439fc61c70ce9b

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: 1a472b57-be50-4ca6-815b-575c9be7e169
age: 592765
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10596
cf-request-id: 09c20252d700001d0e2f0a7000000001
last-modified: Wed, 10 Feb 2021 07:15:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066489c41d0e-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp
s-img.mgid.com/g/8164849/492x328/0x131x607x404/ 18 KB
18 KB 45ms
45ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164849/492x328/0x131x607x404/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDIvMTAxOTI0L2ZkNzY2MWU0NDcxOTUxMTUxODVlZGNlZjI0MWVjZWRkLnBuZw.webp?v=1619746437-I86DozbRHsrMKkAMHPzFpjdM91m3SraOCVIcq0qGg9k
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16d2eac72467e8931e76a59088381521c469cd08de7884eb65442a9a7744256b

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: af740565-134a-467d-94d3-518fbbad16fd
age: 592788
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18512
cf-request-id: 09c20252d700001d0e5106f000000001
last-modified: Mon, 08 Feb 2021 10:20:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066489c61d0e-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2QxYmY4YWI0ZWEwODZhMWZmOTJkMDliYTdlYmI2NWNjLmpwZw.webp
s-img.mgid.com/g/8164870/492x328/0x0x812x541/ 16 KB
17 KB 49ms
48ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164870/492x328/0x0x812x541/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2QxYmY4YWI0ZWEwODZhMWZmOTJkMDliYTdlYmI2NWNjLmpwZw.webp?v=1619746437-sOUIZTR83vzdPwQ5-F4RfEWx8F2J5yjGwci23c4TEng
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aabd2b7fa78aa11ff4b1ed3e4aeb3e3d9e2bdc88f3d659f95a659d05afa5f76

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: 04b1ecee-007e-44f8-ab98-5f316e65ca2d
age: 790885
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16732
cf-request-id: 09c20252d700001d0ef727d000000001
last-modified: Mon, 08 Feb 2021 10:20:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066489c51d0e-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTItMTUvMTAxOTI0LzBhMjAzZTJkY2RhYjY4MTJhZGFjNjU0MTUyNjUzZjFhLmpwZz90PTE1NDQ5Mzc4OTE5NjE.webp
s-img.mgid.com/g/8193535/492x328/0x43x1003x668/ 11 KB
11 KB 40ms
40ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193535/492x328/0x43x1003x668/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMTItMTUvMTAxOTI0LzBhMjAzZTJkY2RhYjY4MTJhZGFjNjU0MTUyNjUzZjFhLmpwZz90PTE1NDQ5Mzc4OTE5NjE.webp?v=1619746437-vVelr9sBBnFhiOw48Usd9AsqQhvxOHN7lOTekB9OJXE
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5e5f8d32022c3946a1d9b047f843d4329e61a8c50ab0791bb18f5be78e37139

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: 6b525a87-fdd3-4c6b-b05f-8e8f401c6d6d
age: 592741
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11604
cf-request-id: 09c20252e000001d0e5719c000000001
last-modified: Wed, 10 Feb 2021 07:15:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066499d21d0e-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.mgid.com/g/8164889/492x328/0x124x565x376/ 18 KB
18 KB 42ms
42ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8164889/492x328/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1619746437-CztfiPh-uAB-4YM288fu203mCUp3VBZvjDs8D2NvRBs
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9147e56702cac804cff4b646db96efe455be370caeba029965acd0f375d00da1

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: 99bdeafe-edd0-4ebb-849e-077718f164c3
age: 592098
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18200
cf-request-id: 09c20252df00001d0e4987e000000001
last-modified: Mon, 08 Feb 2021 10:20:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066499ce1d0e-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp
s-img.mgid.com/g/8193516/492x328/0x299x1080x720/ 18 KB
19 KB 38ms
38ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193516/492x328/0x299x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzcxNDkzMDc4YjMzMzRmYjk1MzRjOGEwMmYxMzQ5OThkLmpwZw.webp?v=1619746437-qkpvjKqyfk1IO3AY2wC_uX-nV0FcRix8_9DQ_VymIc8
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c942b2dedd909d6041207312ac649823a3196944634f35137fed9fa3a9de81e

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: a0c16538-f927-457f-a5d8-d73a102142ec
age: 592796
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18748
cf-request-id: 09c20252df00001d0eeaa5f000000001
last-modified: Wed, 10 Feb 2021 07:15:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066499cf1d0e-CPH

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMDMvMTAxOTI0L2IyYjk4NjhlYzQzMzdhYjQwMmQxODUyYTAzYjhlN2ZiLmpwZWc_dD0xNTM1OTc0MDQ1MzI1.webp
s-img.mgid.com/g/8193493/492x328/198x194x832x554/ 20 KB
20 KB 45ms
44ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8193493/492x328/198x194x832x554/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTgtMDktMDMvMTAxOTI0L2IyYjk4NjhlYzQzMzdhYjQwMmQxODUyYTAzYjhlN2ZiLmpwZWc_dD0xNTM1OTc0MDQ1MzI1.webp?v=1619746437-FMrZXb1-nXkVezh022gD6gVRjiRbn4fEa93rRAIs16w
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bedb1fb66d17c10cad9698a51c22530a6a716d67682aefaa6cb7858b0e2c55aa

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
cf-cache-status: HIT
x-mg-request-uuid: 5b1e20ee-f7e7-4abc-864c-0cdb4c5b125d
age: 592764
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20770
cf-request-id: 09c20252df00001d0e5522f000000001
last-modified: Wed, 10 Feb 2021 07:16:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 647d066499d01d0e-CPH

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 227ms
118ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=&oaid=a96def6a59a94443ba29ef83d0e4f1b9&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 30 Apr 2021 01:33:58 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 3509488 Show response
inpagepush.com/500/ 4 KB
3 KB 161ms
161ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

594331bb10e1a4d980cbaa09e41e9886183f7ff3f75d17cb9129ebe25bfbafb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: a3da3f1c325d6cab677ed97147b631fc
pragma: no-cache
date: Fri, 30 Apr 2021 01:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=210655917&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&ul=en-us&de=UTF-8&dt=user%2Fur107804755%2Flists%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=570010726&gjid=123739442&cid=105621175.1619746437&tid=UA-137362802-1&_gid=838406212.1619746438&_r=1&gtm=2ou4l3&z=1907465289

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=210655917&t=pageview&_s=1&dl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&ul=en-us&de=UTF-8&dt=user%2Fur107804755%2Flists%20-%20Paste.co.id&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAAC~&jid=1501567849&gjid=479399037&cid=105621175.1619746437&tid=UA-174907544-1&_gid=838406212.1619746438&_r=1&gtm=2ou4l3&z=624659424

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 options
onmarshtompor.com/ Frame 0
0 171ms
62ms Preflight 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/options?option_args=CKiq4wESIDI0NTg3YmZmMjg5NTQyOTc4MDQ4Mjg1N2E3ZTA5OWExGjFodHRwOi8vYmVkcmFwaW9uYS5jb20vYXB1LnBocD96b25laWQ9MzcyNDU4NCZvbz0xIhRodHRwczovL3Bhc3RlLmNvLmlkLzIkMzVkZDMyMmQtNzM0Mi00NDQ0LWJkYzYtYmIwOWI3ODRmYTU0

Protocol

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 30 Apr 2021 01:33:58 GMT
access-control-allow-origin: https://paste.co.id
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
strict-transport-security: max-age=1
x-content-type-options: nosniff

POST
H2 200 options Show response
onmarshtompor.com/ 0
446 B 53ms
53ms XHR
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

x-trace-id: 5872137706ceeb437d3d8eec27427226
pragma: no-cache
date: Fri, 30 Apr 2021 01:33:52 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf8
access-control-allow-origin: https://paste.co.id
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 0
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 96ms
28ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-137362802-1&cid=105621175.1619746437&jid=570010726&gjid=123739442&_gid=838406212.1619746438&_u=YAhAAUAAAAAAAC~&z=385588321

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 30 Apr 2021 01:33:57 GMT
content-type: text/plain
access-control-allow-origin: https://paste.co.id
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 164ms
53ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&sah=1200&drf=&hil=2&ist=0
Protocol: H2
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 30 Apr 2021 01:33:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://paste.co.id
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
33 KB 30ms
14ms Script
application/javascript 2606:4700:20::ac43:4b21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/059f1ff61dcd9896b638ba20ebcfd0d2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 2114
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yP6plVB5PM2xcTLNBO9b9nep%2BZNzyHEVcagvW4pfRm%2Buow%2FRyzRQs25FdG2nHWlvKVkNDLo7BorBy8D4hri6SU3Qqa%2Budm4OfyJtBt5u285yjy3W5WO%2FmhaUp5hv4FVH"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 647d06651fc7061c-FRA
cf-request-id: 09c20253300000061c822dd000000001

POST
H2 204 9 Show response
toglooman.com/ 0
646 B 56ms
56ms XHR
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=3724583&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&sah=1200&drf=&hil=2&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/059f1ff61dcd9896b638ba20ebcfd0d2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT
x-sc: o28tN7n_WI-Bgmf85RXDBW-Kr6SCzZl0WeBHqjhsVmtIuJyNdCq07W_BvZcWctHTQXI4Tj4ZJD-O5XJ43jtPCliB9-c=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
311 B 16ms
15ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-137362802-1&cid=105621175.1619746437&jid=570010726&_u=YAhAAUAAAAAAAC~&z=2072712915

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 35ms
15ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-137362802-1&cid=105621175.1619746437&jid=570010726&_u=YAhAAUAAAAAAAC~&z=2072712915

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E0EF
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

281 B
554 B

127ms
41ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1619746437797366638665
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://paste.co.id/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 30 Apr 2021 01:33:58 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Fri, 30 Apr 2021 01:33:58 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

52164
i6.liadm.com/s/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=l3tVAkOX8wxi
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l3tVAkOX8wxi
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=8b197032-a0e0-42e1-a082-fbc180e18e22
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=8b197032-a0e0-42e1-a082-fbc180e18e22&_li_chk=true&previous_uuid=c6c608ffb0974cc894dcb18a0fc78be8
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=8b197032-a0e0-42e1-a082-fbc180e18e22

43 B
447 B

301ms
105ms

Image
image/gif

2600:1f18:444a:4680:7493:838e:3006:4686
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=8b197032-a0e0-42e1-a082-fbc180e18e22

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:444a:4680:7493:838e:3006:4686 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 01:33:59 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 6f708b8beeacb440
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=8b197032-a0e0-42e1-a082-fbc180e18e22
Date: Fri, 30 Apr 2021 01:33:58 GMT
Connection: keep-alive
trace-id: a6e2a35acd737e3b
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
557 B 134ms
66ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=l3tVAkOX8wxi
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 647d06667bfa735b-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 09c20254070000735b5a2c0000000001

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDN0VkFrT1g4d3hp&muidn=l3tVAkOX8wxi
https://cm.mgid.com/google?muidn=l3tVAkOX8wxi&google_ula={guid},5&google_gid=CAESEP3F1jPvy_Z-wZhZ8uXh6yU&google_cver=1

0
491 B

94ms
93ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l3tVAkOX8wxi&google_ula={guid},5&google_gid=CAESEP3F1jPvy_Z-wZhZ8uXh6yU&google_cver=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d06676cd210b1-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c20254a2000010b15c050000000001

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l3tVAkOX8wxi&google_ula={guid},5&google_gid=CAESEP3F1jPvy_Z-wZhZ8uXh6yU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=mgid&bsw_custom_parameter=8b197032-a0e0-42e1-a082-fbc180e18e22
https://x.bidswitch.net/sync?dsp_id=257&user_id=mkd32ef232-b07d-495e-b661-e35986e5ef94&expires=7&user_group=5&ssp=mgid&bsw_param=8b197032-a0e0-42e1-a082-fbc180e18e22
https://cm.mgid.com/m?cdsp=433145&c=8b197032-a0e0-42e1-a082-fbc180e18e22&gdpr=&gdpr_consent=&us_privacy=

43 B
711 B

96ms
96ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=8b197032-a0e0-42e1-a082-fbc180e18e22&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4d3bde90-a6e4-4878-9606-eb61cd50ed24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d066a0e4810b1-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c2025643000010b171288000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=8b197032-a0e0-42e1-a082-fbc180e18e22&gdpr=&gdpr_consent=&us_privacy=
date: Fri, 30 Apr 2021 01:33:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=WZ4tAk1Liq6VQ9JoE3kh&pi=mgid&tc=1

43 B
695 B

134ms
100ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=WZ4tAk1Liq6VQ9JoE3kh&pi=mgid&tc=1
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3bfcb408-041f-42b9-a29f-e66989cf2a08
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d06675cbf10b1-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c2025497000010b16b904000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=WZ4tAk1Liq6VQ9JoE3kh&pi=mgid&tc=1
pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT, Fri, 30 Apr 2021 01:33:58 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=ee7d0966-c16d-4cc3-91fe-4ef4417e0c3a&ttl=1622338438

43 B
729 B

64ms
63ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=ee7d0966-c16d-4cc3-91fe-4ef4417e0c3a&ttl=1622338438
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 69024f15-acc2-436f-a2a3-7cbae1711bcd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d06677cde10b1-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c20254af000010b12e29e000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=ee7d0966-c16d-4cc3-91fe-4ef4417e0c3a&ttl=1622338438
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
623 B 130ms
63ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=l3tVAkOX8wxi
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 647d06667b8610b9-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c2025407000010b9bfb0f000000001

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1619746438080&ns_c=UTF-8&cv=3.5&c8=user%2Fur107804755%2Flists%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619746438080&ns_c=UTF-8&cv=3.5&c8=user%2Fur107804755%2Flists%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&c9=

64 B
330 B

75ms
75ms

Image
image/gif

99.84.144.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619746438080&ns_c=UTF-8&cv=3.5&c8=user%2Fur107804755%2Flists%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&c9=
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-111.txl52.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:58 GMT
via: 1.1 b46ec6462593127fefb6ecac53956825.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Fkvir9-fFJ0vAzGQwEQBcWa9atUhuMi8_M22H-yHXIqKYzlpkQsUhg==

Redirect headers

date: Fri, 30 Apr 2021 01:33:58 GMT
via: 1.1 b46ec6462593127fefb6ecac53956825.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619746438080&ns_c=UTF-8&cv=3.5&c8=user%2Fur107804755%2Flists%20-%20Paste.co.id&c7=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&c9=
content-length: 213
x-amz-cf-id: 66EK81KGh_CU9QDUkYHL8TE-47JwwDyLCHqdTX4yheIi0KtfrZYKlQ==

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 31ms
15ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:33:58 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 29ms
14ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:33:58 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 32ms
17ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:33:58 GMT

GET
H2 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 29ms
14ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:33:58 GMT

GET
H2 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 35ms
20ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:33:58 GMT

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 52ms
52ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 30 Apr 2021 01:33:58 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 52ms
52ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 2d81394b6cb7fa367a5ec9882f98b532
Date: Fri, 30 Apr 2021 01:33:58 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
540 B 52ms
52ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=c7d794b04a0d402bbd2c15f5c0b3d831&zoneId=3534037&checkDuplicate=true&ymid=&var=

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

198112847c9818429884dc8dda201fb5c63fcb5c89cc956e3ac296d87fefaa88

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:54 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H/1.1 200
OK defaultSkin.min.js Show response
seeptoag.net/pfe/current/ 56 KB
19 KB 60ms
60ms Fetch
application/javascript 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/pfe/current/defaultSkin.min.js
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 01:33:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:58 GMT
Server: nginx
ETag: W/"6086a8aa-df63"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://paste.co.id
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 0625425773465.png
static.cdnativepush.com/contents/s/48/15/4b/38ca44eafd323cd4fd273702f6/ 3 KB
4 KB 217ms
55ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/48/15/4b/38ca44eafd323cd4fd273702f6/0625425773465.png
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8f18cf892dcf9bee9190d075020a1640ce96f012d399790af20a7c0d8bddb072

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 01:33:58 GMT
Last-Modified: Thu, 15 Oct 2020 17:21:16 GMT
Server: nginx
ETag: "5f88850c-bf3"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3059

GET
DATA 200
OK truncated
/ Frame 09E9 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 51ms
51ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 30 Apr 2021 01:33:58 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 52ms
52ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 1b044d89212c743ba16c5fa088fc86e6
Date: Fri, 30 Apr 2021 01:33:58 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E0EF 30 KB
9 KB 47ms
47ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 01:33:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68772
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9235
Expires: Fri, 30 Apr 2021 20:40:10 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E0EF 284 B
536 B 171ms
43ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H3-29 200 c
c.mgid.com/ 43 B
555 B 147ms
143ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=90|179|24|hKwf3onwIOmx9n-WfHQtqM3vgbqyHHq_UkW_50gGwC8PxqWoP-lBDW3tejZNjIH8&fw=1&extjs=66044&v=90|179|24|hKwf3onwIOmx9n-WfHQtqIrqLZS5l3LJFa1nWh5hZnNwajbLkYrozRZk0ljU07le&cid=997452&h2=hF4OtNEHL2Ycn5eVo4d0pNjhWubM8SE44Bpnn6MfbCs*&rid=21f103c2-a954-11eb-affa-d094662f8ab5&tt=Direct&iv=11&pageImp=1&cbuster=1619746439105786850335&tpl=0
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:59 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 67a6a071-4506-4b35-a39b-5e589116bd2a
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d066c880b10b1-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c20257da000010b15c06a000000001
server: cloudflare

GET
H3-29 200 c
c.mgid.com/ 43 B
556 B 145ms
137ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=202|219|8|hKwf3onwIOmx9n-WfHQtqIgPE32NXWWdYnGFdAp3lcpU7-o77RpSGIBdo9_d5wfz&fw=1&extjs=66044&v=202|219|8|hKwf3onwIOmx9n-WfHQtqMm4IbSViogtnwpEZhlBxBeFMnr9VcjaUNR7If7yMBD8&v=202|219|8|hKwf3onwIOmx9n-WfHQtqL6MVIOWvh_aMEoovxxLFpvRSWn2JClAuQVF_BdFeiHl&v=202|219|40|hKwf3onwIOmx9n-WfHQtqCgtFzCuBeCy9iutwYi7KXJPhEOIPpDj4hfxjOw02n1j&cid=997452&h2=hF4OtNEHL2Ycn5eVo4d0pNjhWubM8SE44Bpnn6MfbCs*&rid=21e9baa4-a954-11eb-91aa-d094662c1c35&tt=Direct&iv=11&pageImp=0&cbuster=1619746439111515654457&tpl=0
Requested by: Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:59 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9a1f52ed-2897-4248-8fb8-3956f7115421
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 647d066c981710b1-CPH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c20257e4000010b1699ef000000001
server: cloudflare

OPTIONS
H/1.1 200
OK custom
seeptoag.net/ Frame 0
0 51ms
51ms Preflight
text/plain 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://seeptoag.net/custom
Protocol: HTTP/1.1
Server: 139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 30 Apr 2021 01:33:59 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3df28cede092d9f3eb4ced65063bc126e298b7e03c1f587a3f42dadc6909dbfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48362
x-xss-protection: 0
server: cafe
etag: 11736008493392425597
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 01:33:59 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 37ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210428&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1979fdbb40851c386ce417a40ea503fe023b283ba38beed704b3eba3a54ed56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 01:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6978
x-xss-protection: 0

POST
H/1.1 200
OK custom Show response
seeptoag.net/ 39 B
486 B 67ms
67ms Fetch
application/json 139.45.196.145
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://seeptoag.net/custom

Requested by

Host: paste.co.id
URL: https://paste.co.id/lyEzHIQswT

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.145 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: b4d869138b76b26d42bf41d14df30eca
Date: Fri, 30 Apr 2021 01:33:59 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:33:59 GMT

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 165ms
59ms Preflight 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 30 Apr 2021 01:33:59 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
398 B 197ms
92ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

Date: Fri, 30 Apr 2021 01:33:59 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://paste.co.id
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 65F0 12 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 29 Apr 2021 22:01:38 GMT
expires: Fri, 29 Apr 2022 22:01:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12741
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F5A2 783 B
813 B 17ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a11b18365d96a7dd2f35856ff390bec0d7570318e89cf40dcc9060282ffe338

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y76O8rYkHPneo85vPR1Pjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paste.co.id/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paste.co.id/

Response headers

expires: Fri, 30 Apr 2021 01:33:59 GMT
date: Fri, 30 Apr 2021 01:33:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-y76O8rYkHPneo85vPR1Pjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js Show response
pagead2.googlesyndication.com/bg/ Frame 65F0 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 17:30:32 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 115407
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
expires: Thu, 28 Apr 2022 17:30:32 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210428&jk=756054456240608&bg=!sbKlsvbNAAZLnZBaS507ACkAdvg8WhJ8LF_tiozOOt_WwECCE8C_Q_vDDIqN0XXNxOgbS3TQKHeBMwIAAABUUgAAAB9oAQcKABtk6vC2CHkb04fEME-dErCdYeGvkFXUV64g0DCZAiJSI3VmFSNTdhc1d_vYs7TIUNTSziAJMv3ixfcqNjFC_1wVUbcDg50Ij-ol5cG9AZB2cEh_LoLKU_ZO5Wt5goPzGc8S7F9ddEqOPUShJE-1HyGUxHAk_kw9DwlX9TnUaMznxfuka9PU-Ikk_TguxprBb1SLIAusebvJWmVZXj-bIqHu6M9NsFftKwPKcaWl3rqOHpOy0yJvX2r3GkYleMKVE4AE_EQceShu2ZZbXDCQRqbDxQ5BHSZLqanr99qxdAUKVPiBHkEwYjg5E10iNYjcHBAjh6I1XdkD-Vz5J0QJBHTUG7D2A2JPU8NCUSzuzUuYYU58oM9QLzqOdoCZ9xdPGBlADXKqRUViRXgg_md90rJuFTBNfyz91ay-NdsJOo7MbuJwZGIqOpxkUSaJO5yjpGNHpjcvZ70aqOa8kU3el82GaPzUuFfImEdm-DW3GNvPOwMtRisejgPq4J5ENZ0s8Eo5oaUy9chq5Ztu6Zg0vSktLEz1URO5RdaxRm_9YpXUWia2Yu-DZYR4ibe-WyCTGmEmt-aG42bIFh5MtiggN2VjQ0R8VnqgmzaIf6ygP9c3RDr-bJ2WY5vh8yxPsqmRi1QLPSPhKRp4Wd5_1KwTyJD40tEN9hK4nP9czNYd5NdxTxftv4MBjskkiBzs3pOV9F8ctA_WJaoSQTuzUiOltvd9plGDu-m3KlBf1_3vzF0Q-JFhQyOK5BoWxYSwnbqYM3M

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:33:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zFQGoLv9gDmHCMKR0M1z9B1JXHz9fqBQ97lmXfdPvW5sKRBEq5QnRPOcwQJJIROwUQz7_C2H6duXNms3MO59yawjoJrQOAv2DY8nuc2uC7nHWyJfNXE_L0z7nHMmiZyKo2xLwpjJzpmx08gvL5w9eThPMWuvcQysDsdbGDdILWtBU0jp5e4__94W3V2wulNcyZ14l...
dutorterraom.com/impression/ 43 B
326 B 164ms
57ms Image
image/gif 139.45.197.14
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dutorterraom.com/impression/zFQGoLv9gDmHCMKR0M1z9B1JXHz9fqBQ97lmXfdPvW5sKRBEq5QnRPOcwQJJIROwUQz7_C2H6duXNms3MO59yawjoJrQOAv2DY8nuc2uC7nHWyJfNXE_L0z7nHMmiZyKo2xLwpjJzpmx08gvL5w9eThPMWuvcQysDsdbGDdILWtBU0jp5e4__94W3V2wulNcyZ14l1GGeebE4C7G8eupWoUP84UXMugZ0VT_ThrFwlgyNYmSQIEF5yR1J8jYRdNhrRUd72W8hQbRvCXlzNJz-rpXKMLwX1yN1Fir_wPvqdazR3ahnESLyUnMhwx6A9iuSC68KY6LVk2XbuS1SbwLQ_zStJTeioCpRrlc2EFfCKscEy0SMQdAiBH_raPAae31GgaV97gLlpGMy65KzqoKcmlfHpNjcdLyG74QLHeMEzfopN78dKRieuLV_SjTbyx-hF43T8woRu2lO1skpnCOWCRI1e0EnbNbB4GlOEUQRNc5NOZ462QwkDmxvZoAmJYtiLsnfiul2RonOFLWyJ2sYpEbl_TfSPFbjWbzlM4CFuOJrb7kakVwmenYwpIviTed9p49SGnmDpWoOx3i0Y7TcZpVfyj9QaxSNaR-wZ5lKkIE64Hxihf9_UE-CZ7BDutCAPEfat6oTGe3HXnp0Qj4InSm7wh9yHwkjnpbqySQ0Wi_a24wNygpluyJKa09_9y1i0i4hg==?z=3509488&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=10&pl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.14 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: 14944697b92e06a9269ff7c7a62c2d24
pragma: no-cache
date: Fri, 30 Apr 2021 01:34:07 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0625425773465.png
static.cdnativepush.com/contents/s/48/15/4b/38ca44eafd323cd4fd273702f6/ Frame D32D 3 KB
4 KB 54ms
54ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/48/15/4b/38ca44eafd323cd4fd273702f6/0625425773465.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3509488
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8f18cf892dcf9bee9190d075020a1640ce96f012d399790af20a7c0d8bddb072

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 01:34:07 GMT
Last-Modified: Thu, 15 Oct 2020 17:21:16 GMT
Server: nginx
ETag: "5f88850c-bf3"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 3059

OPTIONS
H2 200 3509488
inpagepush.com/500/ Frame 0
0 86ms
85ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3509488?excludes=6825922&oaid=a96def6a59a94443ba29ef83d0e4f1b9&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=11&pl=https%3A%2F%2Fpaste.co.id%2FlyEzHIQswT&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://paste.co.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 30 Apr 2021 01:34:07 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://paste.co.id
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 3509488 Show response
inpagepush.com/500/ 4 KB
3 KB 151ms
151ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3509488

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

38b2803dcdb9eedfcf72214aca15231256c888dd3fc90320136128d3916dfef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: cb20bd1de1ed26550dbe426b8cf14e11
pragma: no-cache
date: Fri, 30 Apr 2021 01:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://paste.co.id
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0165196649576.png
static.cdnativepush.com/contents/s/61/cb/1e/ce98fb282238519e9996f6ce4c/ 12 KB
13 KB 59ms
59ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/61/cb/1e/ce98fb282238519e9996f6ce4c/0165196649576.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b6283228541f0e36e3c03382a2b73a4cca03df530032a278b8c0c08abfc9cea1

Request headers

Referer: https://paste.co.id/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 01:34:07 GMT
Last-Modified: Mon, 09 Nov 2020 08:52:32 GMT
Server: nginx
ETag: "5fa90350-2fec"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 12268

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paste.co.id/	1970-01-19 17:55:53	Name: pasteshr_session Value: eyJpdiI6Im1EY0FtV2tqXC9EeThueHBMZEw4UHZRPT0iLCJ2YWx1ZSI6InhZSVFyM0hvWUlRSGs4aUpuWDVtVzByM3dNZHNMRkN1N1hLWlF4SkNFM04wanVlV2hjOWs1NTZkTktGZFwvTlhTIiwibWFjIjoiOWZjMTM2YTY4NTM4MzliZmI2MWI2NTk4NzkwY2I2OTBiMjlmNzY5MjhjN2EwNjQ4YmIyNTI0YzdmMGYzMjUyYiJ9
.doubleclick.net/	1970-01-20 03:17:22	Name: IDE Value: AHWqTUkKXUUsoF4sRQMHtdvHmpz0--Uo2eYq95yrFJIJsLIrXdSHWL_SqWzMJtqUJH4
paste.co.id/	1970-01-19 17:55:53	Name: XSRF-TOKEN Value: eyJpdiI6IjJOalNWUXVcL01ZOUdNcTJpWk41Y09nPT0iLCJ2YWx1ZSI6IlZnZzVQZmlIWU1DcEtUTVliZlE5MDR0WkJXMDVmMjRtcWRYOFRnXC9Sa2Nid0o0cGJ4RkVlZ0Voa094RENnWkx0IiwibWFjIjoiNzliOTk1MWE1MzdlZDdhMjJjZTAyMGVjN2U4MDNmNGFmMTNmNDc5OTQxNDMwMGVlNjY2NmU4MzkzNGQzZGUzNyJ9
.paste.co.id/	1970-01-19 17:55:46	Name: _gat_gtag_UA_137362802_1 Value: 1
.paste.co.id/	1970-01-19 17:57:12	Name: _gid Value: GA1.3.838406212.1619746438
.paste.co.id/	1970-01-19 17:55:46	Name: _gat_gtag_UA_174907544_1 Value: 1
.paste.co.id/	1970-01-20 11:26:58	Name: _ga Value: GA1.3.105621175.1619746437
paste.co.id/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22Pih2Sou.d%22%7D%2C%22C997452%22%3A%7B%22page%22%3A1%2C%22time%22%3A1619746437815%7D%7D
.paste.co.id/	1970-01-20 03:17:22	Name: __gads Value: ID=9af2596cc1a5f56d-2241f9d6f6c70018:T=1619746437:RT=1619746437:S=ALNI_MZFEBwMhbwwQF3onSYKPfin8_4ryg

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	debug	URL: https://jsc.mgid.com/p/a/paste.co.id.997452.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://paste.co.id/lyEzHIQswT(Line 563) Message: complete

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bedrapiona.com
berkas.co
c.mgid.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
creativecdn.com
dutorterraom.com
eus.rubiconproject.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
iclickcdn.com
inpagepush.com
jsc.mgid.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
my.rtmark.net
o.wowreality.info
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
paste.co.id
pseepsie.com
s-img.mgid.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
seeptoag.net
servicer.mgid.com
static.cdnativepush.com
static.lalaping.com
stats.g.doubleclick.net
toglooman.com
token.rubiconproject.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.qrcoder.co.uk
x.bidswitch.net
104.111.230.142
104.16.221.74
104.19.133.78
104.19.136.78
104.19.217.61
109.203.125.88
139.45.195.254
139.45.195.8
139.45.196.136
139.45.196.145
139.45.197.14
139.45.197.156
139.45.197.234
139.45.197.237
139.45.197.239
139.45.197.243
142.250.186.130
142.250.186.66
173.249.18.21
185.184.8.30
23.79.143.124
2600:1f18:444a:4680:7493:838e:3006:4686
2606:4700:20::ac43:4b09
2606:4700:20::ac43:4b21
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:802::2002
2a00:1450:4001:802::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c09::9b
3.124.46.162
34.239.68.98
47.252.78.131
5.189.137.168
52.18.54.41
69.173.144.138
99.84.144.111
031f00b22a8c37dc6f3a8ea8e33f3d958a579bb1fcddc00c9409a24d1e07c259
073cfd3886896f9985f4fb67df7e5f6cbe2d5671e97ef30903aaff8500048669
09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16d2eac72467e8931e76a59088381521c469cd08de7884eb65442a9a7744256b
1979fdbb40851c386ce417a40ea503fe023b283ba38beed704b3eba3a54ed56b
198112847c9818429884dc8dda201fb5c63fcb5c89cc956e3ac296d87fefaa88
240fc3d0db66576da23635c8fa9a2dbb7c5b752b3173a53bb104aefc6e050f4d
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e4429103953674dfb1ca4f73406c393431cd0358807932b4980537aa1f653b3
3162031f39233876ba2e771083fc9610dce8dee37dfb4734ba66ececbec9b60a
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
3248be3438142ce651b1109b664870b66c21fc28e8c5695654917a9cf66607dc
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36299c8871a752497acce7f736d53048d52841d8cd2ae79e5bfdf051a77c4df6
38b2803dcdb9eedfcf72214aca15231256c888dd3fc90320136128d3916dfef4
3df28cede092d9f3eb4ced65063bc126e298b7e03c1f587a3f42dadc6909dbfc
3ed701c1f69c39826ef0ce4f62237c3329a15b0987724ff0b49c7650790559a2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
42069355b36bdc6751b178b52728c41fb774e59f62c491da3e88e1b41f03151b
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4aabd2b7fa78aa11ff4b1ed3e4aeb3e3d9e2bdc88f3d659f95a659d05afa5f76
4d6283e374a7a7a13eeea4784cd4a7daaa6dd0ea995dd95052ff6c09af6a310f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
532ebb63b21f25cd2321d533fa378e22801af099c6b8b115d66f5fb2a9b9f482
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
587beaebd769abadfa42c4c8d9249819e2093fec9c2c7aca3a0d0b9b29df76a1
594331bb10e1a4d980cbaa09e41e9886183f7ff3f75d17cb9129ebe25bfbafb1
5c516ac25cec34a5dcf4717efa0e3ae5a31766e537163fd4d3c33a9481495019
5c942b2dedd909d6041207312ac649823a3196944634f35137fed9fa3a9de81e
5eb58957336c213965803eb8f38617c70deea70a22470a4e66a0712a870e9c09
62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745
653c87ed6c7eb7fe23dfc3bbe5ab1799cba3bd1bbda3ad2748439fc61c70ce9b
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c72f8e8f83cc5336e5aa688c0a9e141d7d3ec5f59e705ea46f9ed601178f065
6ff25efa17b3ef606970b0dfaea5635df630694c14abc9ca2ab14266267015ff
7371eea431b42e3113bd80edcfa3cf6667b7151cdb38c4b70b09069c13cfc8e9
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
7c45c9bf3189b8c7a74c01957bd346d229e623aaa4cc215560499e83887b2d10
8202992da2f6992ea07da19ff76ccc6e82b282b836b32242de29a55870a77d6b
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83b56810f90ecc4b4ca00f2d6225cd7c75441b42b740afbe17e0adac12890140
843be5a31abe5891100de97d89e995a52ede4fa9461f45ef1cebbbe808912f86
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8549bb7d46acd44242461a4ce44ddbda748516ca45f5ad481c4cab184d5d5045
8882124ecc46145f8dd2c4723888f2510a0ef0fc2ad527786b21b7ea6801361a
8a11b18365d96a7dd2f35856ff390bec0d7570318e89cf40dcc9060282ffe338
8b84b2abc336ee61f48a28a697b6ace2333ea5f1868aa15d5aeb2c7beac6d716
8eff3e7a084be3c610ab7c8e6f65f858cdcd98d797fa1a3051551b2c618165af
8f18cf892dcf9bee9190d075020a1640ce96f012d399790af20a7c0d8bddb072
8f47c370f381d424292fc7b38dd98801aafa6d76b3f6895013d6ed2880559e31
900e849bfdeef7fc0ccfca363e6fe27c78fc6912aa85aa7ab5d35e6a10b2ad93
9147e56702cac804cff4b646db96efe455be370caeba029965acd0f375d00da1
94a0ac8d73bb60a9cbe27a4fa36669104f6ffa37c8ff2df29313a6c0d3b64a75
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9ca8263f2c0cc38b5a8063185d49ae8567f65bbebdf8df5c7e706bb1e3289f00
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
a1362e2010a9c67e3ccdd9408414d9936c9505231f03907473112a9bfb29342b
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a96be413e3a3b82a5507eea75872e33cf0ec0e92273075073c58f3b32c19e67c
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac4cb91547723c69656a2a7925e23c41353a19df2459456f6c92671709304ac0
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
adb7d542ec2bea4907ac7cc212204ff1a656de69f78206384d64228f40beb815
ae337cc04d8d39b2fe8897cceddd711ad2443b88743afcf8ef3e95163ed22a70
af505bc709e027a47f16fa5f767bf083ad2d924e76c0eb9ab190b4ca01820f0a
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
b6283228541f0e36e3c03382a2b73a4cca03df530032a278b8c0c08abfc9cea1
bedb1fb66d17c10cad9698a51c22530a6a716d67682aefaa6cb7858b0e2c55aa
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c44b0e97587314c73ebd650f505d0f4aff908efc01fa8aa5976b8396be780d71
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c66349b55d5d119b585c2ddf90e9f934d4a2ea9277001e5276763b9db4d99ae7
c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce05d31875267ec6843d521534b8caff63650ffb99e890e99096862577b5a1f2
d5e5f8d32022c3946a1d9b047f843d4329e61a8c50ab0791bb18f5be78e37139
d6a85b4201a7e290403b16023c00949c49abe0231474704b0d6016006445f517
d801a7aee4bfe2c958fd643f0cbeec4594298233004ada814fbff90eeb0b1c0b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23d6a22a546762e5fcef2d5d4a189087c29034daa589e0a37b333ec4691ee09
e32234b6ab1d130b61389962423531dd44198600286e4d274ad08283f7deebb7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebc0610ef7904623b283f5b8872166aff2309963a7c645c3be1eacc13311a30f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb948a83c0273180b468b91a1f0d700f9945fe4d1f7e7b5b81e4ce163c3c60d3
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

paste.co.id Open in urlscan Pro 5.189.137.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

137 Requests

100 %HTTPS

39 %IPv6

37 Domains

50 Subdomains

40 IPs

6 Countries

1705 kBTransfer

4255 kBSize

9 Cookies

60 Outgoing links

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paste.co.id Open in urlscan Pro
5.189.137.168 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

100 %
HTTPS

39 %
IPv6

37
Domains

50
Subdomains

40
IPs

6
Countries

1705 kB
Transfer

4255 kB
Size

9
Cookies

137 HTTP transactions
3 data transactions