w3.planet4d.cc Open in urlscan Pro
2606:4700:3035::6815:2806 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://w3.planet4d.cc/
Submission: On January 12 via api (January 12th 2024, 3:33:25 pm UTC) from US — Scanned from US

Summary HTTP 109 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 34 IPs in 2 countries across 38 domains to perform 109 HTTP transactions. The main IP is 2606:4700:3035::6815:2806, located in United States and belongs to CLOUDFLARENET, US. The main domain is w3.planet4d.cc.
TLS certificate: Issued by GTS CA 1P5 on November 20th 2023. Valid for: 3 months.

This is the only time w3.planet4d.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:303... 2606:4700:3035::6815:2806	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
1 13	2606:4700:303... 2606:4700:3031::6815:4c5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::ac43:c06f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6814:5063	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.128 149.56.240.128	16276 (OVH) (OVH)
3	2606:4700:21:... 2606:4700:21::8d65:780a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
2	192.0.72.18 192.0.72.18	2635 (AUTOMATTIC) (AUTOMATTIC)
2	54.230.202.35 54.230.202.35	() ()
3	3.129.242.3 3.129.242.3	() ()
1	13.227.37.24 13.227.37.24	() ()
3	18.160.96.96 18.160.96.96	() ()
1	2606:4700:20:... 2606:4700:20::ac43:4aba	() ()
2 2	141.94.171.212 141.94.171.212	() ()
4 5	54.156.26.12 54.156.26.12	() ()
5 5	15.197.193.217 15.197.193.217	() ()
3	23.212.251.27 23.212.251.27	() ()
4	18.191.83.3 18.191.83.3	() ()
3 3	35.244.154.8 35.244.154.8	() ()
1 1	107.178.254.65 107.178.254.65	() ()
1 2	2620:1ec:21::14 2620:1ec:21::14	() ()
1 2	34.117.77.79 34.117.77.79	() ()
2 4	23.55.200.222 23.55.200.222	() ()
1 2	63.251.86.49 63.251.86.49	() ()
1	23.34.194.26 23.34.194.26	() ()
2 4	142.251.163.155 142.251.163.155	() ()
8	52.20.53.186 52.20.53.186	() ()
1	44.199.118.113 44.199.118.113	() ()
1 2	2606:4700:1::... 2606:4700:1::6813:854c	() ()
1 2	52.46.143.56 52.46.143.56	() ()
1 2	216.22.16.8 216.22.16.8	() ()
2 2	8.28.7.81 8.28.7.81	() ()
3 3	34.111.113.62 34.111.113.62	() ()
1 1	104.17.216.204 104.17.216.204	() ()
2 2	34.195.167.11 34.195.167.11	() ()
1	40.71.11.141 40.71.11.141	() ()
1	69.173.151.100 69.173.151.100	() ()
2 2	151.101.2.49 151.101.2.49	() ()
1	13.227.37.97 13.227.37.97	() ()
1	13.227.37.96 13.227.37.96	() ()
109	34

19 2606:4700:3035::6815:2806 (United States)

ASN13335 (CLOUDFLARENET, US)

w3.planet4d.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3031::6815:4c5f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

w1.4detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w4.4detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:c06f (United States)

ASN13335 (CLOUDFLARENET, US)

w4.4detik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:5063 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.128 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534296.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::8d65:780a (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.72.18 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

sniperbom.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.202.35 (None, )

ASN- ()

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.129.242.3 (None, )

ASN- ()

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.37.24 (None, )

ASN- ()

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.160.96.96 (None, )

ASN- ()

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4aba (None, )

ASN- ()

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.212 (None, ) 2 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.156.26.12 (None, ) 4 redirects

ASN- ()

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (None, ) 5 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.251.27 (None, )

ASN- ()

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.191.83.3 (None, )

ASN- ()

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (None, ) 3 redirects

ASN- ()

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (None, ) 1 redirects

ASN- ()

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (None, ) 1 redirects

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (None, ) 1 redirects

ASN- ()

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.55.200.222 (None, ) 2 redirects

ASN- ()

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.49 (None, ) 1 redirects

ASN- ()

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.34.194.26 (None, )

ASN- ()

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.163.155 (None, ) 2 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.20.53.186 (None, )

ASN- ()

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.199.118.113 (None, )

ASN- ()

track2.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:854c (None, ) 1 redirects

ASN- ()

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.143.56 (None, ) 1 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.22.16.8 (None, ) 1 redirects

ASN- ()

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (None, ) 3 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.216.204 (None, ) 1 redirects

ASN- ()

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.167.11 (None, ) 2 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.71.11.141 (None, )

ASN- ()

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (None, )

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.37.97 (None, )

ASN- ()

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.37.96 (None, )

ASN- ()

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	planet4d.cc w3.planet4d.cc	5 MB
15	4detik.com 1 redirects w1.4detik.com w4.4detik.com	119 KB
12	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	7 KB
11	crwdcntrl.net tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	28 KB
10	sharethis.com pd.sharethis.com t.sharethis.com sync.sharethis.com	17 KB
5	adsrvr.org 5 redirects match.adsrvr.org	2 KB
5	eyeota.net 4 redirects ps.eyeota.net	3 KB
5	gstatic.com fonts.gstatic.com	127 KB
4	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
4	bluekai.com 2 redirects tags.bluekai.com stags.bluekai.com	1 KB
3	tapad.com 3 redirects pixel.tapad.com	2 KB
3	rlcdn.com 3 redirects idsync.rlcdn.com	1 KB
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com data-beacons.s-onetag.com	13 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 9697 t.dtscout.com	5 KB
3	histats.com s10.histats.com — Cisco Umbrella Rank: 8421 s4.histats.com — Cisco Umbrella Rank: 7990	12 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	643 B
2	demdex.net 2 redirects dpm.demdex.net	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	551 B
2	smartadserver.com 1 redirects sync.smartadserver.com	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	2 KB
2	mgid.com 1 redirects cm.mgid.com	738 B
2	lijit.com 1 redirects ap.lijit.com	972 B
2	ml314.com 1 redirects ml314.com	547 B
2	linkedin.com 1 redirects px.ads.linkedin.com	890 B
2	onaudience.com 2 redirects pixel.onaudience.com	800 B
2	wordpress.com sniperbom.files.wordpress.com	672 KB
1	intentiq.com api.intentiq.com
1	agkn.com aa.agkn.com	730 B
1	rubiconproject.com token.rubiconproject.com	676 B
1	cintnetworks.com c.cintnetworks.com	543 B
1	truoptik.com 1 redirects dmp.truoptik.com	548 B
1	securedvisit.com track2.securedvisit.com	178 B
1	bkrtx.com tags.bkrtx.com	16 KB
1	pippio.com 1 redirects pippio.com	633 B
1	dtscdn.com t.dtscdn.com	598 B
1	blogspot.com 2.bp.blogspot.com — Cisco Umbrella Rank: 16626	2 KB
0	ib-ibi.com Failed global.ib-ibi.com Failed
0	mediawallahscript.com Failed partner.mediawallahscript.com Failed
109	38

	Domain	Requested by
19	w3.planet4d.cc	w3.planet4d.cc
14	w4.4detik.com	w3.planet4d.cc w4.4detik.com
12	fonts.googleapis.com	w3.planet4d.cc w4.4detik.com
6	sync.crwdcntrl.net	bcp.crwdcntrl.net
5	match.adsrvr.org	5 redirects
5	ps.eyeota.net	4 redirects w4.4detik.com
5	fonts.gstatic.com	fonts.googleapis.com
4	cm.g.doubleclick.net	2 redirects bcp.crwdcntrl.net
4	sync.sharethis.com	w4.4detik.com bcp.crwdcntrl.net
3	pixel.tapad.com	3 redirects
3	tags.bluekai.com	1 redirects tags.bkrtx.com bcp.crwdcntrl.net
3	idsync.rlcdn.com	3 redirects
3	t.sharethis.com	pd.sharethis.com t.sharethis.com
3	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
3	pd.sharethis.com	e.dtscout.com w4.4detik.com t.sharethis.com
2	sync-tm.everesttech.net	2 redirects
2	dpm.demdex.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	sync.smartadserver.com	1 redirects bcp.crwdcntrl.net
2	s.amazon-adsystem.com	1 redirects bcp.crwdcntrl.net
2	cm.mgid.com	1 redirects bcp.crwdcntrl.net
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	ap.lijit.com	1 redirects
2	ml314.com	1 redirects w4.4detik.com
2	px.ads.linkedin.com	1 redirects
2	pixel.onaudience.com	2 redirects
2	t.dtscout.com	e.dtscout.com
2	sniperbom.files.wordpress.com	w4.4detik.com
2	s10.histats.com	w4.4detik.com s10.histats.com
1	api.intentiq.com	data-beacons.s-onetag.com
1	aa.agkn.com	bcp.crwdcntrl.net
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	dmp.truoptik.com	1 redirects
1	track2.securedvisit.com	data-beacons.s-onetag.com
1	stags.bluekai.com	1 redirects
1	tags.bkrtx.com	pd.sharethis.com
1	pippio.com	1 redirects
1	data-beacons.s-onetag.com	get.s-onetag.com
1	t.dtscdn.com	e.dtscout.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	get.s-onetag.com	e.dtscout.com
1	2.bp.blogspot.com	w4.4detik.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	w1.4detik.com	1 redirects
0	global.ib-ibi.com Failed	bcp.crwdcntrl.net
0	partner.mediawallahscript.com Failed	bcp.crwdcntrl.net
109	48

This site contains links to these domains. Also see Links.

Domain
rtpplanet.com
toto.apik4d.com
teamwla4d.com
blog.aimistik.com
http

Subject Issuer	Validity	Valid
planet4d.cc GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-24` - `2024-02-24`	a year	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.files.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2023-11-15` - `2024-02-13`	3 months	crt.sh
cert1-prod.aut.a24365.net R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-12-26` - `2024-06-26`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://w3.planet4d.cc/
Frame ID: 570C4475D8A994AFC330EB9838880209
Requests: 33 HTTP requests in this frame

Frame: https://w4.4detik.com/sydney-jumat/
Frame ID: 82F48C572A96C461B4F59F0EE56502AF
Requests: 44 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01705073602C10DD356067AE7E7FD
Frame ID: 87767AF219635267820A3DEBA37D44C2
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 02D7EB56CFB793843D593190C01F1BF7
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: 0A6AF457F7916AA90BEC7D90ED6694BC
Requests: 6 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 7B758D98F811CF923AAC03450C85C007
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOu3FMZcml0gCcsvMjrsI38&google_cver=1
Frame ID: 84BF552B5CC52CDF14E164152EDF8654
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: E39870FD88FC2171174FC7010BA81BCF
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 291DD73B781769986BD5F1ED76EABAFD
Requests: 24 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=21005
Frame ID: 1CED8F8E163183E20460461C72EC1822
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Beranda - PLANET4D || PANDUAN || APLIKASI RUMUS || PAITO WARNA

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

109
Requests

78 %
HTTPS

26 %
IPv6

38
Domains

48
Subdomains

34
IPs

2
Countries

5956 kB
Transfer

7037 kB
Size

7
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://rtpplanet.com/
Title: RTP SLOT

Search URL Search Domain Scan URL

URL: https://toto.apik4d.com/paito-6d/?mid=67&col=7&war=putih
Title: Paito HK 6D

Search URL Search Domain Scan URL

URL: https://toto.apik4d.com/
Title: Beranda

Search URL Search Domain Scan URL

URL: https://teamwla4d.com/lunabet
Title: <img src="https://w3.planet4d.cc/wp-content/uploads/2023/11/lunaaaaa.gif" width="100%">

Search URL Search Domain Scan URL

URL: https://teamwla4d.com/venusbet
Title: <img src="https://w3.planet4d.cc/wp-content/uploads/2023/11/VENUSBET.gif" width="100%">

Search URL Search Domain Scan URL

URL: https://teamwla4d.com/mars4d
Title: <img src="https://w3.planet4d.cc/wp-content/uploads/2023/11/MARS4D.gif" width="100%">

Search URL Search Domain Scan URL

URL: https://teamwla4d.com/planet4d
Title: <img src="https://w3.planet4d.cc/wp-content/uploads/2023/11/PLANET4D.gif" width="100%">

Search URL Search Domain Scan URL

URL: https://toto.apik4d.com/rumus/
Title: Ruang Admin

Search URL Search Domain Scan URL

URL: https://blog.aimistik.com/
Title: Aimistik

Search URL Search Domain Scan URL

URL: http://http//45.77.175.54/
Title: Togelista © 2022

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://w1.4detik.com/sydney-jumat/ HTTP 301
https://w4.4detik.com/sydney-jumat/

Request Chain 69

https://pixel.onaudience.com/?partner=137085098&mapped=51A01705073602C10DD356067AE7E7FD HTTP 302
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=12413363fb913ef5 HTTP 302
https://ps.eyeota.net/pixel/bounce/?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=12413363fb913ef5 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=5d3de7a4-7041-425e-b0b2-c47640e6b80b&bid=1e2n4ou

Request Chain 76

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=5d3de7a4-7041-425e-b0b2-c47640e6b80b&gdpr=0&gdpr_consent=

Request Chain 77

https://idsync.rlcdn.com/386076.gif?partner_uid=ZHiABmWhW8IAAAAIA9ypAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhpQUJtV2hXOElBQUFBSUE5eXBBdz09EAAaDQjDt4WtBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=56cfe7beabfdb5743637181892f0db5c46620407f76a197fccda3e11516c00d6791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=56cfe7beabfdb5743637181892f0db5c46620407f76a197fccda3e11516c00d6791426b5417dce21&rand=09841196 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=56cfe7beabfdb5743637181892f0db5c46620407f76a197fccda3e11516c00d6791426b5417dce21&rand=09841196&expected_cookie=b3027ff2-7a05-45f6-89b2-d46f46b69fcb

Request Chain 78

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=205opNnUoaaEBR3_YhQP2bRT5SqUcAiIKNBiYUKGMXhE&gdpr=0&gdpr_consent=

Request Chain 79

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHiABmWhW8IAAAAIA9ypAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3641302050815868945 HTTP 307
https://ml314.com/csync.ashx?fp=00e533fb54d983e02ffa9a50ecd0440e503da3d4810822c4c1f7132341dedc88f4cb09cee1a4f8eb&person_id=3641302050815868945&eid=50082

Request Chain 80

https://tags.bluekai.com/site/59574?id=ZHiABmWhW8IAAAAIA9ypAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 81

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 84

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHiABmWhW8IAAAAIA9ypAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23380%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23380%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=85048393 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=ZEdHeDlId005OU9aRHZhaw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=ZEdHeDlId005OU9aRHZhaw%3D%3D&google_tc= HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOu3FMZcml0gCcsvMjrsI38&google_cver=1

Request Chain 89

https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=422335f3d731f293ce284f6c3504f073&custom=&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=422335f3d731f293ce284f6c3504f073&custom=&tag_format=img&tag_action=sync&final=true&reqid=ecb70190-b15f-11ee-80b2-bd2b2503dc0e&timestamp=2024-01-12T15%3A33%3A24.649Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2016%26partner_id%3D2087%26uid%3D%24UID%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=1090915401468408085&tag_format=img&tag_action=sync

Request Chain 90

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=422335f3d731f293ce284f6c3504f073 HTTP 307
https://cm.mgid.com/m?c=422335f3d731f293ce284f6c3504f073&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Request Chain 91

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=422335f3d731f293ce284f6c3504f073 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=422335f3d731f293ce284f6c3504f073&dcc=t

Request Chain 92

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1

Request Chain 93

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=5804C400-4917-4A5C-BD1B-3DAE4891FB7B&gdpr=0

Request Chain 94

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=5d3de7a4-7041-425e-b0b2-c47640e6b80b/gdpr=0/gdpr_consent=

Request Chain 95

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=422335f3d731f293ce284f6c3504f073&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=422335f3d731f293ce284f6c3504f073&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=62ce6e18-06d4-4af4-bf88-40b37e06c98a%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D62ce6e18-06d4-4af4-bf88-40b37e06c98a%252C%25257B%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5d3de7a4-7041-425e-b0b2-c47640e6b80b&ttd_puid=62ce6e18-06d4-4af4-bf88-40b37e06c98a%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D62ce6e18-06d4-4af4-bf88-40b37e06c98a%2C%257B%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=62ce6e18-06d4-4af4-bf88-40b37e06c98a

Request Chain 96

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=8891c4e31188818a3fb2226d8cee1334

Request Chain 97

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=422335f3d731f293ce284f6c3504f073&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=422335f3d731f293ce284f6c3504f073&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=01375214200632281941740581951858646507/gdpr=0

Request Chain 101

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69&gdpr=0&gdpr_consent=

Request Chain 102

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-gXXg.gFE2pxn0tIQlL8Wgbzt8VrFydu3mTQ-~A&gdpr=0

Request Chain 103

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e36dd4d5-919a-4841-9c25-cc9b670bf4e1-65a15bc4-5553/gdpr=0

Request Chain 105

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZaFbxAAN-hi6-gBH HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaFbxAAN-hi6-gBH/gdpr=0&_test=ZaFbxAAN-hi6-gBH

Request Chain 110

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/422335f3d731f293ce284f6c3504f073/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3152026031512301527/gdpr=0

Request Chain 111

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=617804030 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D617804030 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5940878010670812859/gdpr=0/rand=617804030

109 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
w3.planet4d.cc/ 123 KB
15 KB 1598ms
1520ms Document
text/html 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e550040cad9ea0793bac854e5fcf03d6ca81419f93f625d71effab941e17382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844674e94abeda33-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 15:33:15 GMT
link: <https://w3.planet4d.cc/wp-json/>; rel="https://api.w.org/" <https://w3.planet4d.cc/wp-json/wp/v2/pages/175>; rel="alternate"; type="application/json" <https://w3.planet4d.cc/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YwDzJNMklTtr2eKpYYPfvxjmM%2Byqd%2FZmIRppJP9h1fxO7qi4YFE1dkLD8oNQsV1LwS%2BNspXbkC1u3BQVHt2F5sYf1g5mZX5qB5RlQsq9r2De5tW47BnRQF1BZQnfe1gXR5nIwWSsiyh8BGeZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
w3.planet4d.cc/wp-includes/css/dist/block-library/ 107 KB
15 KB 1117ms
1112ms Stylesheet
text/css 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 13:14:12 GMT
server: cloudflare
etag: W/"654b89a4-1add3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fP7Mc8%2BOk8pQ2%2Bo%2FRN6Duk1Ls2rOCOO2VkQbvDWQnIMM8tfMtjWzmOxJSllTSRvbzsjkwGFWQhpt08MU3Ox4kycJj%2Ffpx%2BtaQ2SHd%2FVBAXPMHEoJh87XdjnLdmBTLeAECCnLo045uwJyJKcnxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844674f2d9acda33-MIA

GET
H2 200 cwp.css
w3.planet4d.cc/wp-content/plugins/comments-widget-plus/assets/css/ 227 B
409 B 1096ms
1092ms Stylesheet
text/css 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Nov 2022 09:54:05 GMT
server: cloudflare
etag: W/"637f3f3d-e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ut6R%2FLprYqq3WXFaHzlwTtWXNyoMFTDqXoDUPGYX7L7w3ZkkT6UTko7vrvJtqyXom256fCU%2BkmO7ES9fpzTtjj%2BS2VfZ4u5dEWqjhxZKjiTxmVwLN1sIM4LlJGp3BwOb7Y8SK%2BXBiaxtjLvVmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844674f2d9adda33-MIA

GET
H2 200 font-awesome.min.css
w3.planet4d.cc/wp-content/plugins/font-awesome-4-menus/css/ 30 KB
7 KB 1013ms
1009ms Stylesheet
text/css 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css?ver=4.7.0

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Nov 2022 09:54:05 GMT
server: cloudflare
etag: W/"637f3f3d-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BidxyPJM%2F2F0kXwpgYwTVIWZBL9EEoxoLP7s%2FB94LCghmNz66%2BAfI6Z6tTesEOjjSHLabOClVab5O8y5013Vv28slpnQCeeTniPb39gldwAh1z3wLuBbm2QcftN318UAGOTCOHq1kbs2iQJJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844674f2d9b0da33-MIA

GET
H2 200 css
fonts.googleapis.com/ 9 KB
873 B 180ms
70ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:15 GMT

GET
H2 200 genericons.css
w3.planet4d.cc/wp-content/themes/frontier/includes/genericons/ 28 KB
16 KB 1117ms
1113ms Stylesheet
text/css 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.3

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Nov 2022 09:54:06 GMT
server: cloudflare
etag: W/"637f3f3e-6e71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3N6Ws2LUV6ECbwpraCoWdZ3KjrGyaUo9lntUhevqUjj7w3dUL8vgcd%2BEWkEon05XM2T1SJdEItXfOEDCLbFohOYlBfwUx3d%2BmpevYikNb8FmsmwVimD8axKrQLWGdUDYNVx5yIy0ENDBHOK0Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844674f2d9b3da33-MIA

GET
H2 200 style.css
w3.planet4d.cc/wp-content/themes/frontier/ 24 KB
6 KB 1125ms
1121ms Stylesheet
text/css 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-content/themes/frontier/style.css?ver=1.3.3

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

437d3d383bc67ed1710a16fe1c6d04cf69f649131614e3df2e8ce61746e88b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Nov 2022 09:54:06 GMT
server: cloudflare
etag: W/"637f3f3e-60fe"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8blmdbj0%2Bq3IU5istJdnLpb3V2q23ZPePqwf6xvBicaCSA9l3cvi6WUfQSr2Vy7%2FLgS7LiCUfYM3CgeNM4IWtzneLa4eOIsDvDAk581VCWgg%2BRNSProZJVqISgEp0GFr672JpkPbQQ7RyVRkzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844674f2d9b5da33-MIA

GET
H2 200 responsive.css
w3.planet4d.cc/wp-content/themes/frontier/ 3 KB
1 KB 1067ms
1063ms Stylesheet
text/css 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-content/themes/frontier/responsive.css?ver=1.3.3

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Nov 2022 09:54:06 GMT
server: cloudflare
etag: W/"637f3f3e-d3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5f4WAF50DA7QjoRGXn%2BwZjaVREct9%2Ba9GzrjqEKI22bJ7FS7qRuBfeGaGNrX2C296BH6lJ3nHg3lvIcjW1E%2F9wFvH3CX8boHQcDbAZzDcakXXvfNQQD7piv4tJ8wBkOW5ws7mt2e9dXqZZOALw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844674f2d9b7da33-MIA

GET
H2 200 jquery.min.js Show response
w3.planet4d.cc/wp-includes/js/jquery/ 86 KB
31 KB 1441ms
1438ms Script
application/javascript 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 13:14:10 GMT
server: cloudflare
etag: W/"654b89a2-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lndcrCJpYaDGCsqj60sbzfP%2FgedsF2wbqsw%2FdrieJizn69GMzEa0oiUijF6%2FsqnctXTzhRfEdzJSaLMJ143f15MVP%2B%2BBsWTI328l%2BKLkw39SZR%2BbQQn6JbX%2B6nWz8yDJrRXQQ9ZMpA%2FGuYk9pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 844674f2d9bcda33-MIA

GET
H2 200 jquery-migrate.min.js Show response
w3.planet4d.cc/wp-includes/js/jquery/ 13 KB
5 KB 1069ms
1066ms Script
application/javascript 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Aug 2023 07:11:28 GMT
server: cloudflare
etag: W/"64d33c20-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fo92V%2BO7P04Kgba03k8MH%2FN6ODMLvs5%2FDaTCaaQvYj6PPlK7WG3lX1oat1tya5fY2ikvGaMOmQtAyOKNs0sVWb9KFa7E68gF%2By3%2FpeCqedt3KlkI%2BEEFcbOlLthcnixLmG4SXSf8NWyxmHTFnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 844674f2d9c0da33-MIA

GET
H2 200 bootstrap.css
w3.planet4d.cc/wp-content/plugins/masterpaito/css/ 143 KB
22 KB 1403ms
1400ms Stylesheet
text/css 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-content/plugins/masterpaito/css/bootstrap.css

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Nov 2022 09:54:05 GMT
server: cloudflare
etag: W/"637f3f3d-23a0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XE3Nvo%2BFpFov%2BzSx%2F0UXQ5%2B7KVYtzE93MB05sePt4iN7cuqRQ3%2B88uViiFrtKlU8FExC6l49f643btob%2Frdpez3n%2FMjjmUB3sdydmojoaqQP8%2BkAieFapYizoxqhAyC2HIAF0eQuN9VYxmKU2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844674f2d9bbda33-MIA

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
534 B 172ms
63ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Saira+Condensed:wght@500&display=swap

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76a10aa5497e49e8927273884af8f708fe7fe7fdbbddadc7fae1bd391f030123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
617 B 175ms
66ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@300&display=swap

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13a5dc3a25bbd3569748d253da787d6ce1bb25cb95de0dc92c3a1875fe5c5d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 432 B
742 B 170ms
61ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Orbitron:wght@500&display=swap

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9cdd30c7792fb7264e8d3175cb21a27803f91df0fb1e64fe2d217be20437496a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
544 B 173ms
64ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400&display=swap

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad5f1ca3a94cebd89d45b7cf6a963a535bf28144862cffa3a41a31540f7a409f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
611 B 170ms
62ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Play&display=swap

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bc0a235ae3bc715be74579c571b77611d6a9edf14e51103d130a5c9ddaa6ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 830 B
458 B 173ms
66ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Racing+Sans+One&display=swap

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

555fe7888be851cf1d17038a294020461c0100406bfed4ff255f326dcea35d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:15 GMT

GET
H2 200 smush-lazy-load.min.js Show response
w3.planet4d.cc/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 1091ms
1090ms Script
application/javascript 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.15.0

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 25 Nov 2023 15:30:14 GMT
server: cloudflare
etag: W/"65621306-1ef2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cbtr8p7c2VL4RrmCIXuw5bNGdADeaOpP%2B5%2FTXyrhMEDHWBhiHjqRSFTXTzWPfbTIU7MppyZEWb0lVwUvbzohTAJa6V4Fef4ODz5ZRVGVoqeKkRQq2H8IyRTssXirJtCC8ZygV%2FORsPD68rmwYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 844674f2d9c2da33-MIA

GET
BLOB 200
OK e8c10481-a03d-408c-9f47-d32cc298faa1
https://w3.planet4d.cc/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://w3.planet4d.cc/e8c10481-a03d-408c-9f47-d32cc298faa1
Requested by: Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 273ms
125ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://w3.planet4d.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 03:39:45 GMT
x-content-type-options: nosniff
age: 42812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 03:39:45 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://w3.planet4d.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v19/ 18 KB
18 KB 204ms
57ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://w3.planet4d.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 14:58:04 GMT
x-content-type-options: nosniff
age: 520513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18088
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 14:58:04 GMT

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v29/ 20 KB
20 KB 212ms
72ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v29/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://w3.planet4d.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 01:46:34 GMT
x-content-type-options: nosniff
age: 308803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20040
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:51:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 01:46:34 GMT

GET
H2 200 sykr-yRtm7EvTrXNxkv5jfKKyDCAKHDn.woff2
fonts.gstatic.com/s/racingsansone/v15/ 21 KB
21 KB 302ms
162ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/racingsansone/v15/sykr-yRtm7EvTrXNxkv5jfKKyDCAKHDn.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Racing+Sans+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff62fbe5cd16b3b5530b055525079a7e4348d4295f8262e52546ec154bdcc8b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://w3.planet4d.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:33:37 GMT
x-content-type-options: nosniff
age: 143980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21808
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:00:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Jan 2025 23:33:37 GMT

GET
H3 200 fontawesome-webfont.woff2
w3.planet4d.cc/wp-content/plugins/font-awesome-4-menus/fonts/ 75 KB
76 KB 1592ms
1587ms Font
application/octet-stream 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-content/plugins/font-awesome-4-menus/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css?ver=4.7.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://w3.planet4d.cc/wp-content/plugins/font-awesome-4-menus/css/font-awesome.min.css?ver=4.7.0
Origin: https://w3.planet4d.cc
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Nov 2022 09:54:05 GMT
server: cloudflare
etag: "637f3f3d-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGuPeY5Nr2vnfA11zlguYyBpczuoMSpE4yHSK9MWHM3fv33ZFs%2BkKNNCWV7epDXzrBFOjWN83Y9mCiiszkp4v04hGz2HPf55imZp7Z2QkhecP1o8bBiL11nVl5PF88Dud0U9skynt4PcBYc45g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 844674fc5c7b9ad2-MIA

GET
H3 200 header-planetgroup.png
w3.planet4d.cc/wp-content/uploads/2023/02/ 65 KB
65 KB 1132ms
1123ms Image
image/png 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w3.planet4d.cc/wp-content/uploads/2023/02/header-planetgroup.png

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0129e6a27c5d6514bfb6de7a14f8f802d1b9421eaad49081073785d1304503f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Tue, 28 Feb 2023 10:42:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63fdda89-1021d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0a7N0J5N7FhSqqS37VrR0XoZRHOWZZATvK%2BuSqs%2F23CoO%2BeaAmweSLEElBZfEAPyw07QKL1eXfDTrJWV6bPqeq0YTg5QeOW2%2BXLL7%2FUI8si%2BO2bmTaiWHE5wO2ETk%2BEgH%2FKu4gJc3CDK4NRhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 844674fd0e009ad2-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 lunaaaaa.gif
w3.planet4d.cc/wp-content/uploads/2023/11/ 1 MB
1 MB 1178ms
1165ms Image
image/gif 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w3.planet4d.cc/wp-content/uploads/2023/11/lunaaaaa.gif

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58bdfbf23ad43003e25d3ded448275627fe919b82d7a8f6a75325357a52f1384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 15 Nov 2023 14:24:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6554d4a0-177ecd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bk9BuM04ROkTIJW%2FHgxeFangdJ6IvzjzMd2LG4IE5FdhdBue6r9H9Tku5hsMx8CfpnXBYpKbxPZ3XoIrefEZ4t80%2BIAYJnpC4ITMtTr9VH46lIgn426nxPAzbPr4lfdb7y4Y%2BNKGQyb0yFRNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 844674fd1e129ad2-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 VENUSBET.gif
w3.planet4d.cc/wp-content/uploads/2023/11/ 1 MB
1 MB 1083ms
1070ms Image
image/gif 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w3.planet4d.cc/wp-content/uploads/2023/11/VENUSBET.gif

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

450888e96ad2dabe559355a526a5bb9b3cf53606f7f5da5d4a37c0a0dafce1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 08 Nov 2023 15:08:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654ba47f-110b81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMxpL4lZHxwaO9SSNYmIud5uvOLF7yLFmK6zOIeEhPus6R4LQKRf4NwpwWsYiaUFBZfBNyTwPZWbxxNnJRb9p0r%2F7V0wzuLpFuIWH10TpAFrj19ixi7op4u2k781ksgebYn5nbImHaRzMUjXTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 844674fd1e179ad2-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
w4.4detik.com/sydney-jumat/ Frame 82F4
Redirect Chain

https://w1.4detik.com/sydney-jumat/
https://w4.4detik.com/sydney-jumat/

251 KB
27 KB

2008ms
1994ms

Document
text/html

2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/sydney-jumat/

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5998bb651aac7aa2491d92fcde85b7ebb81acb9a84cf1fdf4c3b738df827c7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://w3.planet4d.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8446750539459ae0-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 15:33:20 GMT
link: <https://w4.4detik.com/wp-json/>; rel="https://api.w.org/" <https://w4.4detik.com/wp-json/wp/v2/pages/91>; rel="alternate"; type="application/json" <https://w4.4detik.com/?p=91>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2F4b761YK2Fsz6PZY13e4SXgoNgI6oKbqkEBuNrsZRFjNDh3lu%2B1TbigmQ7Di5OCyFK2KBY9C5qgJumPHTs1ipAdGJWem4r8zMhPzXQurw7RdyV3l4VDJyoLjlnIhkX1Xr0U%2Fq1cDFj8XBVM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 844674fe1c009ae0-MIA
content-type: text/html
date: Fri, 12 Jan 2024 15:33:18 GMT
location: https://w4.4detik.com/sydney-jumat/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23NnFHUpeM82CaLNHPRFg0XnrwowwmpoGYJv%2Bl6F2uLR3CevXpdLJqSCn%2BMMp8MdftSF87SfbNMAkDgNB3ms0Y20akPpsKG%2FrdzmJKzGs1vlAsThOvrsMcuR5Tdzo8TL%2Fn2EbuCNEU8Rka4j"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 wp-emoji-release.min.js Show response
w3.planet4d.cc/wp-includes/js/ 18 KB
5 KB 1326ms
1281ms Script
application/javascript 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w3.planet4d.cc/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Mar 2023 19:14:02 GMT
server: cloudflare
etag: W/"64248dfa-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bu0as82L%2FNMwusBoOadjorM0JCRAZNeWq6of2KFmTWP1BlHukPTpWazm6rUSoetflRjNB01o%2F59Si6CZ2qcaknOManjwI%2FPusG6x4DuUlCooMvW87xsiiRT3ba7QLTrhf95XJB5al05EeFJhyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 844674fdaf1c9ad2-MIA

GET
H3 200 MARS4D.gif
w3.planet4d.cc/wp-content/uploads/2023/11/ 710 KB
710 KB 1086ms
1078ms Image
image/gif 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w3.planet4d.cc/wp-content/uploads/2023/11/MARS4D.gif

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47846faeb1c6509487641877736ccadc24d67a77f0bdd6dfa9944f2ca536f290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 08 Nov 2023 15:08:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654ba47b-b1621"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJ9wRLOxgwdO287fJxBs6UbfS1m16jvVX0e2T5vkA1B5CVSkxjpTADDQ8FN5Rp5ShSoY5KV572UXHtONkbHlLwzTsTT7HF8N3JxDBSDTe2%2B8EUt0Vdr1uIT2VhNZHgtTn8lqHKvCoNxMAAFLlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 84467505ced09ad2-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 PLANET4D.gif
w3.planet4d.cc/wp-content/uploads/2023/11/ 1 MB
1 MB 1037ms
1036ms Image
image/gif 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w3.planet4d.cc/wp-content/uploads/2023/11/PLANET4D.gif

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41363d95f200297a555ccea614c8bbd0faefb767e4882afc616b8ede24d8a39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 08 Nov 2023 15:08:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654ba47d-145053"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fk8jN6o2bDA0TczCPGPEaTFyl9XMMv6QmETiGxpUvJt1rL6q2uLyHU8u1aTeWEN8l42BNyaIbrwckLsJW2e69iIzjaID8YzY2oiMmA8SS7DExjCgmDW1WH0iJ%2FQRnRGHrp3jBrHCWi1gNdYn8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 844675078abf9ad2-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H3 200 event-slot-2024.jpeg
w3.planet4d.cc/wp-content/uploads/2023/12/ 41 KB
41 KB 1071ms
1070ms Image
image/jpeg 2606:4700:3035::6815:2806
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w3.planet4d.cc/wp-content/uploads/2023/12/event-slot-2024.jpeg

Requested by

Host: w3.planet4d.cc
URL: https://w3.planet4d.cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2806 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3bedc96b7e94ea9a2000db007a5a448a3924337e404f6ab9bda9ed613153c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w3.planet4d.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Dec 2023 12:47:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6579a7d3-a2e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuv9fG8qZhYyEi90xtenbb1RslLS2YKsBGXzovExNcIU%2FAMxK9DeHCza18HQTfl9pILGkeVy3fEfDTChT1vmmjDmRTJoYUyqKOTYowDha6X5UUdhRTXyNhyJs6MNRk1Ksij%2BxkBDQO4teddbxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8446750f18439ad2-MIA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
w4.4detik.com/wp-includes/css/dist/block-library/ Frame 82F4 57 KB
9 KB 53ms
19ms Stylesheet
text/css 2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.8

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Nov 2023 07:29:01 GMT
server: cloudflare
etag: W/"654ddbbd-e33b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eATeaLIXItKD9%2B0KBhSyV3zMdZIilDLm70XbkcMP4Xy7qjjbYv0EBrKMeA1tHNx0%2BPioMne0dL1ekDLE%2BPCzCMKfZeiaYntlehh9aBpNxz4jZFLwwqIKECp2myioGjSkPTRRyuaBSRmXkdzv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844675156ee39ae0-MIA

GET
H2 200 better-recent-comments.min.css
w4.4detik.com/wp-content/plugins/better-recent-comments/assets/css/ Frame 82F4 1 KB
658 B 57ms
24ms Stylesheet
text/css 2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/wp-content/plugins/better-recent-comments/assets/css/better-recent-comments.min.css?ver=5.7.8

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e464219a2630cf33846ff90abb728c325088f5a9b2418f095a1b69c5a994a672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 25 Aug 2023 07:39:54 GMT
server: cloudflare
etag: W/"64e85aca-438"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oN8uP0o4XHBEW%2Bx3493JqObvM9JuLL417AkTTGVed1CsIvtBBBomhZufmYQxsYSB6fKfoAyoShUcBGUe%2FWrV8gpPUE8gZjiFl2U2rtTx8rSmeZ8Yxo7wX3ERbjCiQoTBaaHD%2ByifCLdEkBfg"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844675156ef59ae0-MIA

GET
H2 200 style.css
w4.4detik.com/wp-content/themes/asteroid/ Frame 82F4 28 KB
9 KB 60ms
26ms Stylesheet
text/css 2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 05 Nov 2022 03:55:29 GMT
server: cloudflare
etag: W/"6365deb1-6f7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmMWm1YE6Xj%2FhTnkgUs%2F10HWq2hi9WzUucGGZz9OF0Bsx%2BjROaBwPbdzpjmSLvocOEMhwC8eX7iH3%2BGpLAWPgkkU%2BZFvUNwRNEiJkEtVbN1m43L2U%2FYEZmYqG2DIlqpr1GVKav7fq8z0sy3W"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844675156ef69ae0-MIA

GET
H2 200 responsive.css
w4.4detik.com/wp-content/themes/asteroid/ Frame 82F4 3 KB
1 KB 62ms
29ms Stylesheet
text/css 2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 05 Nov 2022 03:55:29 GMT
server: cloudflare
etag: W/"6365deb1-c66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LReWegbeBAHY%2FlasJXXrXrNa99UqzOt0%2FwZtL2%2BYYs4zLQnhAbS3TT1Q1hAQxSb6J0SklmOd6%2FU4DnDDyE6lLhOhmrRvW6klIME4NZRONX0iH0IFEKB3PqIl%2BkhbZQ5n%2FZ2bL0CO%2B4p9lgz%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844675156ef89ae0-MIA

GET
H2 200 jquery.min.js Show response
w4.4detik.com/wp-includes/js/jquery/ Frame 82F4 87 KB
32 KB 64ms
30ms Script
application/javascript 2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Nov 2023 07:29:01 GMT
server: cloudflare
etag: W/"654ddbbd-15d98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqUEbqfi9PHrhlm87nT1%2BIshNsafMAGQKVnVE4XuWi8OGahUJoYO0Pgr%2BgB5ywQ2b2BHxo%2BHs3sm6lUqFlgVcePZ9HzKapzo8Dra%2BxyxA5t4cYw2C8jnvhd8t%2Fay3b75ZDs8uH1%2FPD%2FM9FQ9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 844675156efc9ae0-MIA

GET
H2 200 jquery-migrate.min.js Show response
w4.4detik.com/wp-includes/js/jquery/ Frame 82F4 11 KB
4 KB 63ms
30ms Script
application/javascript 2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Nov 2023 07:29:01 GMT
server: cloudflare
etag: W/"654ddbbd-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71bcax3OS1FuxZzWd7WBDDmfPIDHvDEskDe0goCeb3ypzONg7mTfMnbwXX9F3cwR9Bg2MpRx4T2LpJFpUxSbJkAzVwySBwc6LgHgLS00YkihBxup2CO0fk7T2uP4%2FDBnh0h2I6FgI1DVAMxY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 844675156efd9ae0-MIA

GET
H2 200 bootstrap.css
w4.4detik.com/wp-content/plugins/masterpaito/css/ Frame 82F4 143 KB
22 KB 65ms
32ms Stylesheet
text/css 2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/wp-content/plugins/masterpaito/css/bootstrap.css

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 05 Nov 2022 01:45:09 GMT
server: cloudflare
etag: W/"6365c025-23a0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8MqH6KalTxsKIlLfC7wz%2BgZnpG%2BJgqNzlRySjL2XRoyk9ECWXRl7fg7TBYXrHub50hHIxGtjKwfOKkcYy73EVQ2J4mX4478mg%2B1v2B3ZC7V9e6OF405Ea03ocXG9v8HyKkCCEW59v7h98rD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 844675156efb9ae0-MIA

GET
H2 200 css2
fonts.googleapis.com/ Frame 82F4 1 KB
580 B 84ms
51ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Saira+Condensed:wght@500&display=swap

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76a10aa5497e49e8927273884af8f708fe7fe7fdbbddadc7fae1bd391f030123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 82F4 2 KB
617 B 83ms
61ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Mulish:wght@300&display=swap

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13a5dc3a25bbd3569748d253da787d6ce1bb25cb95de0dc92c3a1875fe5c5d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 82F4 432 B
383 B 84ms
62ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Orbitron:wght@500&display=swap

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9cdd30c7792fb7264e8d3175cb21a27803f91df0fb1e64fe2d217be20437496a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 82F4 1 KB
544 B 91ms
69ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400&display=swap

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad5f1ca3a94cebd89d45b7cf6a963a535bf28144862cffa3a41a31540f7a409f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 82F4 2 KB
611 B 92ms
70ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Play&display=swap

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bc0a235ae3bc715be74579c571b77611d6a9edf14e51103d130a5c9ddaa6ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jan 2024 15:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jan 2024 15:33:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jan 2024 15:33:20 GMT

GET
H2 200 email-decode.min.js Show response
w4.4detik.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 82F4 1 KB
1 KB 74ms
53ms Script
application/javascript 2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658bfe17-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygKzYBybqm9iyjQyqOh7xr1x5hqtoYYixlOaLJULRKCgE0IdcS93U%2FD4RrRLphS2DtSyuB6zH4pITqP%2F974THjEBETY4PmXiWy82DNFmMlMMjJpYNPnazEtiA4L7WieNDxRJpZHEZfkA8hu2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 844675158f199ae0-MIA
expires: Sun, 14 Jan 2024 15:33:20 GMT

GET
H2 200 comment-reply.min.js Show response
w4.4detik.com/wp-includes/js/ Frame 82F4 3 KB
2 KB 74ms
53ms Script
application/javascript 2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/wp-includes/js/comment-reply.min.js?ver=5.7.8

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1370
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Nov 2023 07:29:01 GMT
server: cloudflare
etag: W/"654ddbbd-ba8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MU2hC31sf9%2BPKo1w4E%2BJsGJzsVhG147%2BlkvKtn%2B83DB%2BLpsBh76DJxLXUVQ8RjaaU9ELCWWFnh3dv83C8fFqf1mUhsRmKvtSu75%2FFWm%2FqMpvuzMoWaV7tQ1O7tG7N4PGhDL5ZOWMkpuvWFq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 844675158f1c9ae0-MIA

GET
H2 200 smush-lazy-load.min.js Show response
w4.4detik.com/wp-content/plugins/wp-smushit/app/assets/js/ Frame 82F4 8 KB
4 KB 75ms
54ms Script
application/javascript 2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.15.0

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Nov 2023 07:30:13 GMT
server: cloudflare
etag: W/"654ddc05-1ef2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHbJF%2FRA0f6JHkzsDz3UY61SEbY8M1KxwBxh5DELzPW4n9jV5rCp8mju62R%2FZSKqjNPjt2w8FTtOG5sPqUIBhKE%2Bc6exqeJcib718BG4u5bcfTfggmdKj3O8TGJrBOqsi1xUwFkXgW1yz%2FLv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 844675158f1d9ae0-MIA

GET
H2 200 wp-embed.min.js Show response
w4.4detik.com/wp-includes/js/ Frame 82F4 1 KB
1006 B 75ms
54ms Script
application/javascript 2606:4700:3031::6815:4c5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/wp-includes/js/wp-embed.min.js?ver=5.7.8

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4c5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5576
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Nov 2023 07:29:01 GMT
server: cloudflare
etag: W/"654ddbbd-592"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmjB8g7QtTvy8ySkkYbfUHqFnQtQ7j0BSyyIRXT5QK4f0rQh%2F2DCDnEuhXohXarEWXs3%2BAV8LAzCcyzCMgoj%2F1ChWSnSv0UCEhBHk8bFoVM7mINawjBtUQ6BSDLaajnSKf%2BZNQbkjhSmrwJH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 844675158f2b9ae0-MIA

GET
H3 200 wp-emoji-release.min.js Show response
w4.4detik.com/wp-includes/js/ Frame 82F4 14 KB
5 KB 41ms
40ms Script
application/javascript 2606:4700:3037::ac43:c06f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://w4.4detik.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.8

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:c06f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/sydney-jumat/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3887
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Nov 2023 07:29:01 GMT
server: cloudflare
etag: W/"654ddbbd-3795"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjMp1%2B1C5fthRfIGCSSnnlfKM9MzlxPC736ywGBg39y4tuOsKoMxQfOrPj459X2TJc4L78U8uBAGcqVLJmb3rMYuCEzfS36DleMqbtA2do3N4hIrvNqnVPPUGvmShdMUnnY2cyKhI3YqZuBl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 84467516ac1d334d-MIA

GET
DATA 200
OK truncated
/ Frame 82F4 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 82F4 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6aez4K2oVqwIvtU2Hw.woff2
fonts.gstatic.com/s/play/v19/ Frame 82F4 18 KB
18 KB 61ms
60ms Font
font/woff2 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://w4.4detik.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 14:58:04 GMT
x-content-type-options: nosniff
age: 520517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18088
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 14:58:04 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 82F4 11 KB
5 KB 103ms
39ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 17942
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 844675178def747a-MIA
content-length: 4547

GET
H3 200 bg-fabric.png
w4.4detik.com/wp-content/themes/asteroid/images/ Frame 82F4 1 KB
2 KB 46ms
45ms Image
image/png 2606:4700:3037::ac43:c06f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w4.4detik.com/wp-content/themes/asteroid/images/bg-fabric.png

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:c06f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f11b05f4dbd66215660bd06e02699af276c393436054816140a78a2dc793673

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/wp-content/themes/asteroid/style.css?ver=1.2.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3887
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 05 Nov 2022 03:55:29 GMT
server: cloudflare
etag: W/"6365deb1-516"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UQfnbMfVXfn5Jr71n6jfb2zOoGuOpD%2BzK7CS62J%2FyX1OQd%2B67fScvbvFAEfTK0U7mJWHURGJEHjuxmWcc7ts9BcbBy1HMM517KHkJ%2F5%2BmnD2NXhrDWcmvVH7UJ3fXuAJAxPPej1EaWmPHm5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 844675173d01334d-MIA

GET
H/1.1 200
OK 4653648.php Show response
s4.histats.com/stats/ Frame 82F4 391 B
526 B 290ms
62ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4653648.php?4653648&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mSydney%20Jumat%20-%20MASTER%20PAITO%20%7C%7C%20PREDIKSI%20TOGEL%20%7C%7C%20REKAP%20ANGKA&@n0&@ohttps%3A%2F%2Fw3.planet4d.cc%2F&@q0&@r0&@s112&@ten-US&@u1600&@b1:-159440086&@b3:1705073601&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw4.4detik.com%2Fsydney-jumat%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 718dc995b3639cac8955ca7cbf178ef2f11a7c93c1bd7a38d6f4243d6664e965

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:21 GMT
Connection: close
Content-Length: 391
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_112.js Show response
s10.histats.com/counters/ Frame 82F4 16 KB
7 KB 49ms
48ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_112.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff36c4dc6b2313fc36b3361f04384537a99e7fd504e700ffb9b68945c834c845

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:47 GMT
server: cloudflare
age: 64579
etag: "1196600954"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 8446751a2ab0747a-MIA
content-length: 6764

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 82F4 7 KB
4 KB 545ms
263ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw4.4detik.com%2Fsydney-jumat%2F&j=https%3A%2F%2Fw3.planet4d.cc%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4653648.php?4653648&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mSydney%20Jumat%20-%20MASTER%20PAITO%20%7C%7C%20PREDIKSI%20TOGEL%20%7C%7C%20REKAP%20ANGKA&@n0&@ohttps%3A%2F%2Fw3.planet4d.cc%2F&@q0&@r0&@s112&@ten-US&@u1600&@b1:-159440086&@b3:1705073601&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw4.4detik.com%2Fsydney-jumat%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6c40ef4bb3aeb7e11f391add5a4d077f673e1116ecfe29ebabbf656ed2d05d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:22 GMT
x-t: 0.221
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2ffdfLBkTbExinA6G7z7cH1Y6DNpS92MdZD04Or8IeaWahg6Nn3QGFxTvlGyRLAb3CBrX3XoRt36T%2Bn6LHkEfrETJIH1MrpqllghxI0p%2FH2C3wvOarYo35SF842ISFdGRd3UovfcRXfHNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 8446751befee8df7-MIA
expires: Fri, 12 Jan 2024 15:33:21 GMT

GET
H2 200 close.png
2.bp.blogspot.com/-ZFzykzuBVBk/V7CP0CL7X5I/AAAAAAAAAh8/T_Yu_4N_V4QhkCdcnPCOXRonulGBbXTtgCLcB/s1600/ Frame 82F4 2 KB
2 KB 343ms
77ms Image
image/png 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-ZFzykzuBVBk/V7CP0CL7X5I/AAAAAAAAAh8/T_Yu_4N_V4QhkCdcnPCOXRonulGBbXTtgCLcB/s1600/close.png

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

08ee145d75eed8be290285f1a8b9fd40b9b8dc029ad10cc6283945b536270506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v221"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="close.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
expires: Sat, 13 Jan 2024 15:33:21 GMT

GET
H2 200 visabet88_gif_728x90-6.gif
sniperbom.files.wordpress.com/2023/11/ Frame 82F4 547 KB
548 KB 293ms
28ms Image
image/gif 192.0.72.18
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sniperbom.files.wordpress.com/2023/11/visabet88_gif_728x90-6.gif

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.18 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

000ea4272bcb4d1d9c29979afa8fd75712bc38af4478b083217396651c57acad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT mia 18 np
date: Fri, 12 Jan 2024 15:33:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 20 Nov 2023 06:17:24 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://sniperbom.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 559808
expires: Sat, 20 Jan 2024 02:15:28 GMT

GET
DATA 200
OK truncated
/ Frame 82F4 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8960eba1fafab344502e5fcae83c50e29f8df70a7b2f93c8885d45ef329c4108

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 klikfifa_gif-banner_prediksi_728x90-1.gif
sniperbom.files.wordpress.com/2023/11/ Frame 82F4 124 KB
125 KB 150ms
28ms Image
image/gif 192.0.72.18
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sniperbom.files.wordpress.com/2023/11/klikfifa_gif-banner_prediksi_728x90-1.gif

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.18 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6963e86573890f778d03899b9705fb946100ca6b11d6e11a88be9fc0573f0a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-nc: HIT mia 18 np
date: Fri, 12 Jan 2024 15:33:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Nov 2023 04:15:38 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://sniperbom.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 127406
expires: Sat, 20 Jan 2024 08:03:14 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 8776 1 KB
759 B 257ms
256ms Document
text/html 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A01705073602C10DD356067AE7E7FD
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw4.4detik.com%2Fsydney-jumat%2F&j=https%3A%2F%2Fw3.planet4d.cc%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214badc4f1376704056ffbb16c5e5784f041f5030c8395d48ba499d031898f32

Request headers

Referer: https://w4.4detik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8446751dfb0a8df7-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 Jan 2024 15:33:22 GMT
expires: Fri, 12 Jan 2024 15:33:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdjrZQvQTWcjfq7VzyZkvIDe6WPddBTSnHduVLCFYo5HBFFEs2Mqoo%2FxthDPjhUW0wnHNkCtuJqLwBW0Mxhrcn5ZAURVZvpH%2F2vSxn5KzhrLgo2myBJzLU2DAcMOTjE4D4xE8uzEqXx3Nac%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 82F4 33 KB
11 KB 270ms
68ms Script
text/javascript 54.230.202.35

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw4.4detik.com%2Fsydney-jumat%2F&j=https%3A%2F%2Fw3.planet4d.cc%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.202.35 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 04:30:14 GMT
x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
via: 1.1 e3be99317e4109ce83aca4f45d81e950.cloudfront.net (CloudFront)
x-amz-cf-pop: MSP50-C2
etag: W/"b338879bf41a826d9e1b316528a8409d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
age: 39789
x-amz-cf-id: qgzYHumNwHrLYGOHQWhxDEWEwCEvpTDpOO33paD7ewvfBM2I3L-MyA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 82F4 2 KB
3 KB 320ms
62ms Script
application/javascript 3.129.242.3

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw4.4detik.com%2Fsydney-jumat%2F&j=https%3A%2F%2Fw3.planet4d.cc%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.129.242.3 -, , ASN (),

Reverse DNS

Software

Resource Hash

d41bb2ddd151f5d1703ee56a7f8ca49c7e81d4d87571b7a32906e6b65125be02

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 82F4 51 B
347 B 259ms
257ms Script
application/javascript 2606:4700:21::8d65:780a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=w4.4detik.com&_ss=3ywmnd1ej2&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=5csa&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw4.4detik.com%2Fsydney-jumat%2F&j=https%3A%2F%2Fw3.planet4d.cc%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51087b22960820bfe655e81a81cd66343417946b1b87eec1149bfca0dc6e07c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:22 GMT
x-t: 0.132
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvNLztnmL3GlkrqR3Oo0KYyvNCgRo7C2o5%2FnmfHVDlhxqDuBZ%2Ba4MBB74Ow36%2BEBLvVSj%2Fb%2FNhdOjkvdFwfyDUuQUtRj4cwbG64x9f9JIDu2S5sanOXEmxX6Q%2BCCHKBr7sYiEwpMAbxZh44%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 8446751dfb0c8df7-MIA
expires: Fri, 12 Jan 2024 15:33:21 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 82F4 50 B
455 B 314ms
94ms Fetch
application/json 13.227.37.24

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.37.24 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:22 GMT
via: 1.1 22459bbbd30dde841847a0907f3ba96c.cloudfront.net (CloudFront), 1.1 3f6cef1b5ed86729efaa93542c4d1d36.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P2, MSP50-C1
x-amzn-requestid: d8fb9c69-6c1b-4305-8fc2-5bbfe9e43e95
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: RbtGfFMwiYcEv6w=
content-length: 50
x-amz-cf-id: 1-lF2LORUITatsorQjnii8bvEunP2QKzoM-b_6q89YwQxmhOcacY_w==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 82F4 58 KB
18 KB 291ms
73ms Script
text/javascript 18.160.96.96

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw4.4detik.com%2Fsydney-jumat%2F&j=https%3A%2F%2Fw3.planet4d.cc%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.96.96 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 20:50:29 GMT
content-encoding: gzip
via: 1.1 e6fc591873ddd292f5dfc0e6774e8bd4.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: MSP50-P1
age: 67374
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: qZ0gmeHZ1Z-QIhaezyD732HZPlKjwxB2_XrBuYel__aBWi7HVXGurQ==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 82F4 0
598 B 322ms
104ms Script
application/javascript 2606:4700:20::ac43:4aba

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705073602C10DD356067AE7E7FD&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fw4.4detik.com%2Fsydney-jumat%2F&r=https%3A%2F%2Fw3.planet4d.cc%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw4.4detik.com%2Fsydney-jumat%2F&j=https%3A%2F%2Fw3.planet4d.cc%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4aba -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:22 GMT
x-t: 11.91
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wn58noW4cFGNRf8iL3CKqcefGxs3Jpmpmzh6q6Qe18zBGzTGtPQChRmw9cQ9nWoMjgH4eunBK%2FZsyfyTihEXbUtgAaNVE1yEhyTZWxcw%2Bn5ugIvr2xLljMzChvCylWkg5q9xJQGvI1Z4QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 844675214a8567d5-MIA
expires: Fri, 12 Jan 2024 15:10:40 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 82F4
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01705073602C10DD356067AE7E7FD
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=12413363fb913ef5
https://ps.eyeota.net/pixel/bounce/?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=12413363fb913ef5
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=5d3de7a4-7041-425e-b0b2-c47640e6b80b&bid=1e2n4ou

70 B
440 B

54ms
54ms

Image
image/gif

54.156.26.12

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5d3de7a4-7041-425e-b0b2-c47640e6b80b&bid=1e2n4ou
Requested by: Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/
Protocol: HTTP/1.1
Server: 54.156.26.12 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 12 Jan 2024 15:33:23 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=5d3de7a4-7041-425e-b0b2-c47640e6b80b&bid=1e2n4ou
date: Fri, 12 Jan 2024 15:33:23 GMT
server: Kestrel
content-length: 191

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 82F4 2 KB
2 KB 232ms
53ms Script
application/javascript 23.212.251.27

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.023875121522539455&stid=ZHiABmWhW8IAAAAIA9ypAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.251.27 -, , ASN (),

Reverse DNS

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Fri, 12 Jan 2024 16:33:22 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 82F4 42 B
265 B 62ms
61ms Image
image/gif 3.129.242.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fw3.planet4d.cc%2F&event_source=dtscout&rnd=0.023875121522539455&exptid=ZHiABmWhW8IAAAAIA9ypAw%3D%3D&fcmp=false

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.129.242.3 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 02D7 2 KB
1 KB 57ms
54ms Document
text/html 23.212.251.27

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.023875121522539455&stid=ZHiABmWhW8IAAAAIA9ypAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.251.27 -, , ASN (),

Reverse DNS

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://w4.4detik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Fri, 12 Jan 2024 15:33:22 GMT
Expires: Fri, 19 Jan 2024 15:33:22 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame 0A6A 19 KB
9 KB 56ms
55ms Script
text/javascript 23.212.251.27

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.251.27 -, , ASN (),

Reverse DNS

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:22 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Fri, 19 Jan 2024 15:33:22 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 82F4 5 KB
2 KB 167ms
153ms Script
text/javascript 54.230.202.35

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.202.35 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 e3be99317e4109ce83aca4f45d81e950.cloudfront.net (CloudFront)
date: Fri, 12 Jan 2024 14:44:36 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: MSP50-C2
age: 2928
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: pqYK5oYqRXmUWBVJ0a1LEiyQHt0ADqP2OLYei7thDUxwHctMfh5Y3g==

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame 7B75 438 B
675 B 131ms
130ms Script
application/javascript 3.129.242.3

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.129.242.3 -, , ASN (),

Reverse DNS

Software

Resource Hash

fbf32195ecf1557731872e0f75fdd1a5c33dbd80efa3d608c5dd8302f0e20345

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 0A6A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=5d3de7a4-7041-425e-b0b2-c47640e6b80b&gdpr=0&gdpr_consent=

42 B
297 B

397ms
62ms

Image
image/gif

18.191.83.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=5d3de7a4-7041-425e-b0b2-c47640e6b80b&gdpr=0&gdpr_consent=

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

HTTP/1.1

Server

18.191.83.3 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHiABmWhW8IAAAAIA9ypAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/ttd?uid=5d3de7a4-7041-425e-b0b2-c47640e6b80b&gdpr=0&gdpr_consent=
date: Fri, 12 Jan 2024 15:33:23 GMT
server: Kestrel
content-length: 215

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 0A6A
Redirect Chain

https://idsync.rlcdn.com/386076.gif?partner_uid=ZHiABmWhW8IAAAAIA9ypAw%3D%3D&gdpr=0&gdpr_consent=
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhpQUJtV2hXOElBQUFBSUE5eXBBdz09EAAaDQjDt4WtBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=56cfe7beabfdb5743637181892f0db5c46620407f76a197fccda3e11516c00d6791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=56cfe7beabfdb5743637181892f0db5c46620407f76a197fccda3e11516c00d6791426b5417dce21&rand=09841196
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=56cfe7beabfdb5743637181892f0db5c46620407f76a197fccda3e11516c00d6791426b5417dce21&rand=09841196&expected_cookie=b3027ff2-7a05-45f6-89b2-d46f46b69fcb

0
141 B

82ms
82ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=56cfe7beabfdb5743637181892f0db5c46620407f76a197fccda3e11516c00d6791426b5417dce21&rand=09841196&expected_cookie=b3027ff2-7a05-45f6-89b2-d46f46b69fcb
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:33:23 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 0FAE6E9BA2DC4B31948862EAC163FF78 Ref B: MIAEDGE2910 Ref C: 2024-01-12T15:33:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOwWJ5KgvsvfqWo6u2nw==

Redirect headers

date: Fri, 12 Jan 2024 15:33:23 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4ED784424AD647CD967DC1FC4934B07C Ref B: MIAEDGE2910 Ref C: 2024-01-12T15:33:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: /db_sync?pid=10339&puuid=56cfe7beabfdb5743637181892f0db5c46620407f76a197fccda3e11516c00d6791426b5417dce21&rand=09841196&expected_cookie=b3027ff2-7a05-45f6-89b2-d46f46b69fcb
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOwWJ3RZupsLQRRB2t6Q==

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 0A6A
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=205opNnUoaaEBR3_YhQP2bRT5SqUcAiIKNBiYUKGMXhE&gdpr=0&gdpr_consent=

42 B
297 B

344ms
62ms

Image
image/gif

18.191.83.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=205opNnUoaaEBR3_YhQP2bRT5SqUcAiIKNBiYUKGMXhE&gdpr=0&gdpr_consent=

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

HTTP/1.1

Server

18.191.83.3 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHiABmWhW8IAAAAIA9ypAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=205opNnUoaaEBR3_YhQP2bRT5SqUcAiIKNBiYUKGMXhE&gdpr=0&gdpr_consent=
Date: Fri, 12 Jan 2024 15:33:23 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame 0A6A
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHiABmWhW8IAAAAIA9ypAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3641302050815868945
https://ml314.com/csync.ashx?fp=00e533fb54d983e02ffa9a50ecd0440e503da3d4810822c4c1f7132341dedc88f4cb09cee1a4f8eb&person_id=3641302050815868945&eid=50082

43 B
115 B

76ms
75ms

Image
image/gif

34.117.77.79

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=00e533fb54d983e02ffa9a50ecd0440e503da3d4810822c4c1f7132341dedc88f4cb09cee1a4f8eb&person_id=3641302050815868945&eid=50082
Requested by: Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/
Protocol: H2
Server: 34.117.77.79 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 13 Jan 2024 15:33:23 GMT
date: Fri, 12 Jan 2024 15:33:23 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Fri, 12 Jan 2024 15:33:23 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=00e533fb54d983e02ffa9a50ecd0440e503da3d4810822c4c1f7132341dedc88f4cb09cee1a4f8eb&person_id=3641302050815868945&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 0A6A
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZHiABmWhW8IAAAAIA9ypAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

351ms
62ms

Image
image/gif

18.191.83.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: w4.4detik.com
URL: https://w4.4detik.com/sydney-jumat/

Protocol

HTTP/1.1

Server

18.191.83.3 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:23 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHiABmWhW8IAAAAIA9ypAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Fri, 12 Jan 2024 15:33:23 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/ Frame 82F4
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
461 B

60ms
59ms

Fetch
application/json

63.251.86.49

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Protocol: HTTP/1.1
Server: 63.251.86.49 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 042ac31ecb9e870014b420d4bfbe6744dc943ad6fdf52d1b2e863ffdf946bbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://w4.4detik.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Fri, 12 Jan 2024 15:33:23 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://w4.4detik.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame 7B75 51 KB
16 KB 454ms
31ms Script
application/javascript 23.34.194.26

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.34.194.26 -, , ASN (),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Fri, 12 Jan 2024 15:33:23 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Fri, 19 Jan 2024 15:33:23 GMT

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 82F4 4 KB
1 KB 270ms
146ms XHR
application/json 18.160.96.96

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.96.96 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://w4.4detik.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Jan 2024 15:33:24 GMT
content-encoding: gzip
via: 1.1 b70652ef13a805740c3f1a14f25d8c3c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: MSP50-P1
x-amz-server-side-encryption: AES256
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: 5tnCSVoi8gUZHOTrg-eXZgh15qRjgKUHzhRm06mGeGsZjwNIFBxDRg==

GET
H2

200

2981 Show response
tags.bluekai.com/site/ Frame 84BF
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHiABmWhW8IAAAAIA9ypAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23380%26cid%3Dc010%26...
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=ZEdHeDlId005OU9aRHZhaw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=ZEdHeDlId005OU9aRHZhaw%3D%3D&google_tc=
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOu3FMZcml0gCcsvMjrsI38&google_cver=1

62 B
306 B

132ms
132ms

Document
image/gif

23.55.200.222

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOu3FMZcml0gCcsvMjrsI38&google_cver=1
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.200.222 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Fri, 12 Jan 2024 15:33:24 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 15:33:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOu3FMZcml0gCcsvMjrsI38&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 82F4 554 B
1 KB 587ms
89ms XHR
application/json 52.20.53.186

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.53.186 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7f6efbd809c264da00af75623adcd4087350949b3ed491a501887ffb88e3b4cc

Request headers

Referer: https://w4.4detik.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://w4.4detik.com
cache-control: no-cache
x-server: 10.40.14.51
access-control-allow-credentials: true
content-length: 554
expires: 0

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 82F4 43 B
178 B 192ms
65ms Script
image/gif 44.199.118.113

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=H-slhSZH6ipe4Vs8Qu6gebkg
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.199.118.113 -, , ASN (),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w4.4detik.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame E398 2 KB
1 KB 65ms
64ms Document
text/html 18.160.96.96

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.96.96 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://w4.4detik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 84449
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Thu, 11 Jan 2024 16:05:56 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e6fc591873ddd292f5dfc0e6774e8bd4.cloudfront.net (CloudFront)
x-amz-cf-id: chQg7qQ-q1hgywfVxYpMl89_hKCqZktJ48_DDe1pvMDL1QnV4pz65Q==
x-amz-cf-pop: MSP50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 291D 4 KB
4 KB 57ms
57ms Document
text/html 52.20.53.186

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.53.186 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 74c8e107e67dd6f27d910e1f92161438b808731df7c84e442648cd7444d570b2

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-length: 4202
content-type: text/html
date: Fri, 12 Jan 2024 15:33:24 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.51.123

GET

/
partner.mediawallahscript.com/ Frame 291D
Redirect Chain

https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=422335f3d731f293ce284f6c3504f073&custom=&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=422335f3d731f293ce284f6c3504f073&custom=&tag_format=img&tag_action=sync&final=true&reqid=ecb70190-b15f-11ee-80b2-bd2b2503d...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2016%26partner_id%3D2087%26uid%3D%24UID%26tag_format%3Dimg%26tag_action%3Dsync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=1090915401468408085&tag_format=img&tag_action=sync

0
0

GET
H2

200

m
cm.mgid.com/ Frame 291D
Redirect Chain

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=422335f3d731f293ce284f6c3504f073
https://cm.mgid.com/m?c=422335f3d731f293ce284f6c3504f073&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

43 B
158 B

66ms
65ms

Image
image/gif

2606:4700:1::6813:854c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?c=422335f3d731f293ce284f6c3504f073&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Protocol

Server

2606:4700:1::6813:854c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8446752d1833db0d-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
location: https://cm.mgid.com/m?c=422335f3d731f293ce284f6c3504f073&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 8446752caf99db0d-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 291D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=422335f3d731f293ce284f6c3504f073
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=422335f3d731f293ce284f6c3504f073&dcc=t

43 B
855 B

84ms
83ms

Image
image/gif

52.46.143.56

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=422335f3d731f293ce284f6c3504f073&dcc=t

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 15:33:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1HGK2Z8XK1GK9ATBMPH6
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Jan 2024 15:33:24 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7YP84R9VR1CGW9WZ78FZ
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=422335f3d731f293ce284f6c3504f073&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 291D
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1

0
316 B

52ms
51ms

Image
text/plain

216.22.16.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Server: 216.22.16.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
date: Fri, 12 Jan 2024 15:33:23 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 291D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=5804C400-4917-4A5C-BD1B-3DAE4891FB7B&gdpr=0

49 B
264 B

66ms
66ms

Image
image/gif

52.20.53.186

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=5804C400-4917-4A5C-BD1B-3DAE4891FB7B&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.6.223
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=5804C400-4917-4A5C-BD1B-3DAE4891FB7B&gdpr=0
date: Fri, 12 Jan 2024 15:33:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=5d3de7a4-7041-425e-b0b2-c47640e6b80b/gdpr=0/ Frame 291D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=5d3de7a4-7041-425e-b0b2-c47640e6b80b/gdpr=0/gdpr_consent=

49 B
265 B

68ms
64ms

Image
image/gif

52.20.53.186

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=5d3de7a4-7041-425e-b0b2-c47640e6b80b/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.49.123
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=5d3de7a4-7041-425e-b0b2-c47640e6b80b/gdpr=0/gdpr_consent=
date: Fri, 12 Jan 2024 15:33:24 GMT
server: Kestrel
content-length: 249

GET
H2

200

tpid=62ce6e18-06d4-4af4-bf88-40b37e06c98a
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 291D
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=422335f3d731f293ce284f6c3504f073&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=422335f3d731f293ce284f6c3504f073&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=62ce6e18-06d4-4af4-bf88-40b37e06c98a%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=5d3de7a4-7041-425e-b0b2-c47640e6b80b&ttd_puid=62ce6e18-06d4-4af4-bf88-40b37e06c98a%2Chttps%253A%252F%252Fsync.crwdcntrl.n...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=62ce6e18-06d4-4af4-bf88-40b37e06c98a

49 B
264 B

66ms
65ms

Image
image/gif

52.20.53.186

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=62ce6e18-06d4-4af4-bf88-40b37e06c98a
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.6.205
content-length: 49
expires: 0

Redirect headers

date: Fri, 12 Jan 2024 15:33:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=62ce6e18-06d4-4af4-bf88-40b37e06c98a
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

tpid=8891c4e31188818a3fb2226d8cee1334
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame 291D
Redirect Chain

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=8891c4e31188818a3fb2226d8cee1334

49 B
264 B

62ms
58ms

Image
image/gif

52.20.53.186

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=8891c4e31188818a3fb2226d8cee1334
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.7.155
content-length: 49
expires: 0

Redirect headers

date: Fri, 12 Jan 2024 15:33:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 142
x-xss-protection: 1; mode=block
pragma: no-cache
to-dmp-sync: s1b-dmp-use1-aws.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=8891c4e31188818a3fb2226d8cee1334
access-control-allow-origin: *
cache-control: no-store
cf-ray: 8446752ccc8db3f1-MIA
expires: 0

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=01375214200632281941740581951858646507/ Frame 291D
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=422335f3d731f293ce284f6c3504f073&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=422335f3d731f293ce284f6c3504f073&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI...
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=01375214200632281941740581951858646507/gdpr=0

49 B
265 B

61ms
60ms

Image
image/gif

52.20.53.186

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=01375214200632281941740581951858646507/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.56.164
content-length: 49
expires: 0

Redirect headers

dcs: dcs-prod-va6-1-v053-085f0cb8d.edge-va6.demdex.com 6 ms
pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: Lw7LVV6FQaI=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=01375214200632281941740581951858646507/gdpr=0
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame 291D 0
543 B 278ms
75ms Image
text/plain 40.71.11.141

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:422335f3d731f293ce284f6c3504f073
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.71.11.141 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:24 GMT
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Arr-Disable-Session-Affinity: true
Content-Length: 0
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame 291D 42 B
297 B 63ms
62ms Image
image/gif 18.191.83.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=422335f3d731f293ce284f6c3504f073&gdpr=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.191.83.3 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Fri, 12 Jan 2024 15:33:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHiABmWhW8IAAAAIA9ypAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET image.sbxx
global.ib-ibi.com/ Frame 291D 0
0

GET

qmap
sync.crwdcntrl.net/ Frame 291D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69&gdpr=0&gdpr_consent=

0
0

GET

qmap
sync.crwdcntrl.net/ Frame 291D
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-gXXg.gFE2pxn0tIQlL8Wgbzt8VrFydu3mTQ-~A&gdpr=0

0
0

GET

gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e36dd4d5-919a-4841-9c25-cc9b670bf4e1-65a15bc4-5553/ Frame 291D
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e36dd4d5-919a-4841-9c25-cc9b670bf4e1-65a15bc4-5553/gdpr=0

0
0

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 291D 0
676 B 224ms
53ms Image
text/plain 69.173.151.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=422335f3d731f293ce284f6c3504f073&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 29af2665c43893332e84c235bac366c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

gdpr=0&_test=ZaFbxAAN-hi6-gBH
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaFbxAAN-hi6-gBH/ Frame 291D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZaFbxAAN-hi6-gBH
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaFbxAAN-hi6-gBH/gdpr=0&_test=ZaFbxAAN-hi6-gBH

49 B
265 B

61ms
61ms

Image
image/gif

52.20.53.186

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaFbxAAN-hi6-gBH/gdpr=0&_test=ZaFbxAAN-hi6-gBH
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:25 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.14.226
content-length: 49
expires: 0

Redirect headers

x-served-by: cache-mia-kmia1760059-MIA
pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1705073605.987501,VS0,VE0
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaFbxAAN-hi6-gBH/gdpr=0&_test=ZaFbxAAN-hi6-gBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 291D 170 B
188 B 64ms
63ms Image
image/png 142.251.163.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NDIyMzM1ZjNkNzMxZjI5M2NlMjg0ZjZjMzUwNGYwNzM&gdpr=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5907
tags.bluekai.com/site/ Frame 291D 62 B
306 B 176ms
173ms Image
image/gif 23.55.200.222

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=24fb5d407af205b27bc35687b6364a01
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.55.200.222 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 12 Jan 2024 15:33:24 GMT
content-length: 62
content-type: image/gif

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame 291D 108 B
730 B 297ms
97ms Script
application/json 13.227.37.97

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C153%2C148%2C136%2C116%2C106%2C104%2C94%2C92%2C81%2C78%2C54%2C41%2C33%2C31%2C26%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.37.97 -, , ASN (),
Reverse DNS
Software: AAWebServer /
Resource Hash: 77333672e13995a95431a23c535e924e19990ca7b194af799245072e581e8eca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
via: 1.1 cc66f99a23df85de70ae5abde8d154fa.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: MSP50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 108
x-amz-cf-id: 0HQtRdNI0jB_NTD1_KDO5BzOdrmxL8mo1s_DmKbAODtLIhgxDknynA==
expires: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 291D 170 B
188 B 64ms
62ms Image
image/png 142.251.163.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=NDIyMzM1ZjNkNzMxZjI5M2NlMjg0ZjZjMzUwNGYwNzM&gdpr=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.155 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jan 2024 15:33:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3152026031512301527/ Frame 291D
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/422335f3d731f293ce284f6c3504f073/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3152026031512301527/gdpr=0

0
0

GET

rand=617804030
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5940878010670812859/gdpr=0/ Frame 291D
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=617804030
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D617804030
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5940878010670812859/gdpr=0/rand=617804030

0
0

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 1CED 0
0 311ms
96ms Document
text/plain 13.227.37.96

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=21005
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.37.96 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://w4.4detik.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Fri, 12 Jan 2024 15:33:24 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 555bebea249594e74cdee34bc44a8e6c.cloudfront.net (CloudFront)
x-amz-cf-id: wzSbJI4skOv1XcEWHDK9B7lSm--pe91ep06mgbjyGpHQ0hZ2DCzW4g==
x-amz-cf-pop: MSP50-C1
x-cache: Miss from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: partner.mediawallahscript.com
URL: https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=1090915401468408085&tag_format=img&tag_action=sync

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=422335f3d731f293ce284f6c3504f073

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-68641954-ff85-58a9-70a8-0a45c4c12580$ip$38.132.118.69&gdpr=0&gdpr_consent=

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-gXXg.gFE2pxn0tIQlL8Wgbzt8VrFydu3mTQ-~A&gdpr=0

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=e36dd4d5-919a-4841-9c25-cc9b670bf4e1-65a15bc4-5553/gdpr=0

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3152026031512301527/gdpr=0

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=5940878010670812859/gdpr=0/rand=617804030

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dtscout.com/	1970-01-20 17:37:58	Name: m Value: 1
.dtscout.com/	1970-01-20 17:37:57	Name: st Value: 1
.dtscout.com/	1970-01-20 17:38:08	Name: oa Value: 1
.dtscout.com/	1970-01-20 20:01:53	Name: df Value: 1705073602
.dtscout.com/	1970-01-20 19:46:03	Name: l Value: 51A01705073602C10DD356067AE7E7FD
.sharethis.com/	1970-01-21 02:24:56	Name: __stid Value: ZHiABmWhW8IAAAAIA9ypAw==
.sharethis.com/	1970-01-21 02:24:56	Name: __stidv Value: 2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://w4.4detik.com/sydney-jumat/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H-slhSZH6ipe4Vs8Qu6gebkg' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
aa.agkn.com
ap.lijit.com
api.intentiq.com
bcp.crwdcntrl.net
c.cintnetworks.com
cm.g.doubleclick.net
cm.mgid.com
data-beacons.s-onetag.com
dmp.truoptik.com
dpm.demdex.net
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
global.ib-ibi.com
idsync.rlcdn.com
image6.pubmatic.com
match.adsrvr.org
ml314.com
onetag-geo.s-onetag.com
partner.mediawallahscript.com
pd.sharethis.com
pippio.com
pixel.onaudience.com
pixel.tapad.com
ps.eyeota.net
px.ads.linkedin.com
s.amazon-adsystem.com
s10.histats.com
s4.histats.com
sniperbom.files.wordpress.com
stags.bluekai.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.sharethis.com
sync.smartadserver.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
track2.securedvisit.com
w1.4detik.com
w3.planet4d.cc
w4.4detik.com
global.ib-ibi.com
partner.mediawallahscript.com
sync.crwdcntrl.net
104.17.216.204
107.178.254.65
13.227.37.24
13.227.37.96
13.227.37.97
141.94.171.212
142.251.163.155
149.56.240.128
15.197.193.217
151.101.2.49
18.160.96.96
18.191.83.3
192.0.72.18
216.22.16.8
23.212.251.27
23.34.194.26
23.55.200.222
2606:4700:10::6814:5063
2606:4700:1::6813:854c
2606:4700:20::ac43:4aba
2606:4700:21::8d65:780a
2606:4700:3031::6815:4c5f
2606:4700:3035::6815:2806
2606:4700:3037::ac43:c06f
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::5f
2620:1ec:21::14
3.129.242.3
34.111.113.62
34.117.77.79
34.195.167.11
35.244.154.8
40.71.11.141
44.199.118.113
52.20.53.186
52.46.143.56
54.156.26.12
54.230.202.35
63.251.86.49
69.173.151.100
8.28.7.81
000ea4272bcb4d1d9c29979afa8fd75712bc38af4478b083217396651c57acad
0129e6a27c5d6514bfb6de7a14f8f802d1b9421eaad49081073785d1304503f3
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
042ac31ecb9e870014b420d4bfbe6744dc943ad6fdf52d1b2e863ffdf946bbd7
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
08ee145d75eed8be290285f1a8b9fd40b9b8dc029ad10cc6283945b536270506
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
13a5dc3a25bbd3569748d253da787d6ce1bb25cb95de0dc92c3a1875fe5c5d94
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1e550040cad9ea0793bac854e5fcf03d6ca81419f93f625d71effab941e17382
214badc4f1376704056ffbb16c5e5784f041f5030c8395d48ba499d031898f32
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
41363d95f200297a555ccea614c8bbd0faefb767e4882afc616b8ede24d8a39d
437d3d383bc67ed1710a16fe1c6d04cf69f649131614e3df2e8ce61746e88b57
450888e96ad2dabe559355a526a5bb9b3cf53606f7f5da5d4a37c0a0dafce1ab
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
47846faeb1c6509487641877736ccadc24d67a77f0bdd6dfa9944f2ca536f290
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51087b22960820bfe655e81a81cd66343417946b1b87eec1149bfca0dc6e07c5
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
555fe7888be851cf1d17038a294020461c0100406bfed4ff255f326dcea35d74
58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943
58bdfbf23ad43003e25d3ded448275627fe919b82d7a8f6a75325357a52f1384
5998bb651aac7aa2491d92fcde85b7ebb81acb9a84cf1fdf4c3b738df827c7a2
5bc0a235ae3bc715be74579c571b77611d6a9edf14e51103d130a5c9ddaa6ee3
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f11b05f4dbd66215660bd06e02699af276c393436054816140a78a2dc793673
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6963e86573890f778d03899b9705fb946100ca6b11d6e11a88be9fc0573f0a39
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
718dc995b3639cac8955ca7cbf178ef2f11a7c93c1bd7a38d6f4243d6664e965
74c8e107e67dd6f27d910e1f92161438b808731df7c84e442648cd7444d570b2
76a10aa5497e49e8927273884af8f708fe7fe7fdbbddadc7fae1bd391f030123
77333672e13995a95431a23c535e924e19990ca7b194af799245072e581e8eca
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
7f6efbd809c264da00af75623adcd4087350949b3ed491a501887ffb88e3b4cc
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8960eba1fafab344502e5fcae83c50e29f8df70a7b2f93c8885d45ef329c4108
8e3bedc96b7e94ea9a2000db007a5a448a3924337e404f6ab9bda9ed613153c5
91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc
9cdd30c7792fb7264e8d3175cb21a27803f91df0fb1e64fe2d217be20437496a
a4f5230d39a7a21971fe62ccde2443345638d2beaa369b752820390a687b91b6
a6c40ef4bb3aeb7e11f391add5a4d077f673e1116ecfe29ebabbf656ed2d05d2
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad5f1ca3a94cebd89d45b7cf6a963a535bf28144862cffa3a41a31540f7a409f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
d170052c16caec3810f2dee6456539045d8e326f6d8ed7c7f78e59ed34de348a
d41bb2ddd151f5d1703ee56a7f8ca49c7e81d4d87571b7a32906e6b65125be02
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e464219a2630cf33846ff90abb728c325088f5a9b2418f095a1b69c5a994a672
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
fbf32195ecf1557731872e0f75fdd1a5c33dbd80efa3d608c5dd8302f0e20345
ff36c4dc6b2313fc36b3361f04384537a99e7fd504e700ffb9b68945c834c845
ff62fbe5cd16b3b5530b055525079a7e4348d4295f8262e52546ec154bdcc8b7

w3.planet4d.cc Open in urlscan Pro 2606:4700:3035::6815:2806 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

78 %HTTPS

26 %IPv6

38 Domains

48 Subdomains

34 IPs

2 Countries

5956 kBTransfer

7037 kBSize

7 Cookies

10 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

w3.planet4d.cc Open in urlscan Pro
2606:4700:3035::6815:2806 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

78 %
HTTPS

26 %
IPv6

38
Domains

48
Subdomains

34
IPs

2
Countries

5956 kB
Transfer

7037 kB
Size

7
Cookies

109 HTTP transactions
5 data transactions