107.189.29.134 Open in urlscan Pro
107.189.29.134  Public Scan

28 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

• http://lapakpools.com/luckyspin.html HTTP 301
• https://lapakpools.com/luckyspin.html

Request Chain 64

• http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= HTTP 301
• https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j=

Request Chain 81

• https://pixel.onaudience.com/?partner=137085098&mapped=10401665765231554CAF5A5E553A3691 HTTP 302
• https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
• https://tags.bluekai.com/site/33141?&id=4e2a572df6d9032c

Request Chain 83

• https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=oUFZuWNJj3FPzbhPdRdWkA%3D%3D&us_privacy=&33random=1665765233420.1&cat=33across HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=oUFZuWNJj3FPzbhPdRdWkA%3D%3D&us_privacy=&33random=1665765233420.1&cat=33across HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmR2amVCbl93SHVwNmJ3M0tUT0dpUVBDN0RjMnVIRGFsSDk2alNLQ2VrZDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MmR2amVCbl93SHVwNmJ3M0tUT0dpUVBDN0RjMnVIRGFsSDk2alNLQ2VrZDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
• https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEBoD6S2-KKDRbzPFJrAWlps&google_cver=1

Request Chain 84

• https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=oUFZuWNJj3FPzbhPdRdWkA%3D%3D&us_privacy=&33random=1665765233420.3&cat=33across HTTP 302
• https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=oUFZuWNJj3FPzbhPdRdWkA%3D%3D&us_privacy=&33random=1665765233420.3&cat=33across HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkViNElGSzdVU0x1YjhrZ2xkTnM5bC1aMTNJLWhzWU9aU1hNSDJXLWhwTGs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&&referrer_pid=c9gd671 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkViNElGSzdVU0x1YjhrZ2xkTnM5bC1aMTNJLWhzWU9aU1hNSDJXLWhwTGs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_tc= HTTP 302
• https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEPju25utxU9_fFT_vHE8sRM&google_cver=1

Request Chain 90

• https://ap.lijit.com/readerinfo/v2 HTTP 307
• https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 91

• http://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C HTTP 307
• https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C

Request Chain 107

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://sync.sharethis.com/ttd?uid=acf2fea3-68e2-43d3-ba79-520f10ef9b00&gdpr=0&gdpr_consent=

Request Chain 108

• https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= HTTP 302
• https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
• https://sync.sharethis.com/nlsn?uid=f2692dbf6972a1e5d40e1886122f30a6

Request Chain 109

• https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
• https://sync.sharethis.com/eyeota?uid=2OhMasIx5fdWkicOI6J7cA2pVAh8_PZq-nCwesNhslqI&gdpr=0&gdpr_consent=

Request Chain 110

• https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGMAAmNJj3EAAAAIHDt5Aw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
• https://idsync.rlcdn.com/395886.gif?partner_uid=3630750290947342342 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMDc1MDI5MDk0NzM0MjM0MhAAGg0I9J6mmgYSBQjoBxAAQgBKAA HTTP 307
• https://ml314.com/csync.ashx?fp=a282d1d39606363341176474a5f758a4cef4857000d74ae68ad8421eef920ec4f4cb09cee1a4f8eb&person_id=3630750290947342342&eid=50082

Request Chain 111

• https://tags.bluekai.com/site/59574?id=ZGMAAmNJj3EAAAAIHDt5Aw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
• https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 112

• https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0&rnd=98667 HTTP 303
• https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0&rnd=98667&_li_chk=true&previous_uuid=0523b34b4a1d4e2eb243377b4a48e690 HTTP 303
• https://i6.liadm.com/s/59074?bidder_id=204553&rnd=98667&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0

Request Chain 113

• https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=FewBDSZHwjUIXLmbQQKpY7h0&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=51620 HTTP 302
• https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=FewBDSZHwjUIXLmbQQKpY7h0&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_rand=51620&_expected_cookie=56468504a6eb46275e40143d79e7f9a7 HTTP 302
• https://ce.lijit.com/merge?pid=5014&3pid=56468504a6eb46275e40143d79e7f9a7

Request Chain 114

• https://um.simpli.fi/lj_match?r=99546 HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=36191B24892D488F8F7562445527E23E

Request Chain 115

• https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0&rnd=61561 HTTP 303
• https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0&rnd=61561&_li_chk=true&previous_uuid=6c30cb717ac44f72ab615393b9064873 HTTP 303
• https://i6.liadm.com/s/57333?bidder_id=204553&rnd=61561&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0

Request Chain 119

• https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=FewBDSZHwjUIXLmbQQKpY7h0/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
• https://ce.lijit.com/merge?pid=5001&3pid=82d4ce5ec5571d8ac943ec68556a4752

Request Chain 122

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://ps.eyeota.net/match?uid=acf2fea3-68e2-43d3-ba79-520f10ef9b00&bid=1e2n4ou

Request Chain 123

• https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u HTTP 302
• https://d8741087004620656899-t4256678847733387263.id.amgdgt.com/r/telco/tuid/4256678847733387263/duid/8741087004620656899/url/https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D1mpjpn0%26turn_id%3D4256678847733387263%26newuser%3D1%26referrer_pid%3D51md42u HTTP 302
• https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4256678847733387263&newuser=1&referrer_pid=51md42u

Request Chain 124

• https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=Y0mPdAAAR0sfIQAr HTTP 302
• https://ps.eyeota.net/match?uid=Y0mPdAAAR0sfIQAr&bid=0rijhbu&referrer_pid=51md42u&_test=Y0mPdAAAR0sfIQAr

Request Chain 125

• https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526referrer_pid%253D51md42u HTTP 302
• https://ps.eyeota.net/match?uid=2042877780176219891&bid=2cr76e1&referrer_pid=51md42u

Request Chain 126

• https://dpm.demdex.net/ibs:dpid=30064&dpuuid=183d7585669-4f82000001085792&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3D51md42u HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30064&dpuuid=183d7585669-4f82000001085792&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3D51md42u HTTP 302
• https://ps.eyeota.net/match?bid=6j5b2cv&uid=46027895164635226253313076383168302721&referrer_pid=51md42u

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 107.189.29.134/	80 KB 19 KB	1371ms 1024ms	Document text/html	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 41bf8353b1c817aab9835c23160f5d6a04e5ba07b96ac6341e08b498ed05bad4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Fri, 14 Oct 2022 16:33:46 GMT Link <http://107.189.29.134/wp-json/>; rel="https://api.w.org/" Server LiteSpeed Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	style.min.css 107.189.29.134/wp-includes/css/dist/block-library/	87 KB 12 KB	348ms 348ms	Stylesheet text/css	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:47 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2022 12:27:21 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 11658 Expires Fri, 21 Oct 2022 16:33:47 GMT
GET H/1.1	200 OK	wp-emoji-release.min.js Show response 107.189.29.134/wp-includes/js/	18 KB 5 KB	1044ms 346ms	Script application/javascript	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:47 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2022 12:27:20 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 5021 Expires Fri, 21 Oct 2022 16:33:47 GMT
GET H/1.1	200 OK	styles.css 107.189.29.134/wp-content/plugins/contact-form-7/includes/css/	3 KB 1 KB	661ms 346ms	Stylesheet text/css	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:47 GMT Content-Encoding gzip Last-Modified Sun, 04 Sep 2022 05:24:36 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 972 Expires Fri, 21 Oct 2022 16:33:47 GMT
GET H/1.1	200 OK	ktzagcplugin-public.css 107.189.29.134/wp-content/plugins/ktzagcplugin/public/css/	1 KB 864 B	668ms 347ms	Stylesheet text/css	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-content/plugins/ktzagcplugin/public/css/ktzagcplugin-public.css?ver=1.0.0 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash c48ff796557ad484451094eaf9bdd164a67630f3cbe1269807d97ee4b50d2268 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:47 GMT Content-Encoding gzip Last-Modified Sun, 07 Jun 2020 12:56:20 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 526 Expires Fri, 21 Oct 2022 16:33:47 GMT
GET H/1.1	200 OK	css fonts.googleapis.com/	9 KB 1 KB	391ms 197ms	Stylesheet text/css	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.0.2 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software ESF / Resource Hash cf613b4d30e323b9c9e0d25320225643cd2ad1dca73186ada1c0a47d290ba918 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:47 GMT Content-Encoding gzip X-Content-Type-Options nosniff Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin X-XSS-Protection 0 Last-Modified Fri, 14 Oct 2022 16:33:47 GMT Server ESF Cross-Origin-Opener-Policy same-origin-allow-popups X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=86400, stale-while-revalidate=604800 Timing-Allow-Origin * Link <http://fonts.gstatic.com>; rel=preconnect; crossorigin Expires Fri, 14 Oct 2022 16:33:47 GMT
GET H/1.1	200 OK	genericons.css 107.189.29.134/wp-content/themes/frontier/includes/genericons/	28 KB 16 KB	694ms 348ms	Stylesheet text/css	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.3 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:47 GMT Content-Encoding gzip Last-Modified Mon, 05 Sep 2022 04:43:46 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 16267 Expires Fri, 21 Oct 2022 16:33:47 GMT
GET H/1.1	200 OK	style.css 107.189.29.134/wp-content/themes/frontier/	25 KB 6 KB	694ms 347ms	Stylesheet text/css	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-content/themes/frontier/style.css?ver=1.3.3 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 07fcb347186015e65edbd8fe1d3bba488e383769e063dc16907cfe8cef0c13bf Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:47 GMT Content-Encoding gzip Last-Modified Mon, 05 Sep 2022 04:43:46 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 6182 Expires Fri, 21 Oct 2022 16:33:47 GMT
GET H/1.1	200 OK	responsive.css 107.189.29.134/wp-content/themes/frontier/	3 KB 1 KB	694ms 347ms	Stylesheet text/css	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-content/themes/frontier/responsive.css?ver=1.3.3 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 2c18587dfce8157256c0c811b1305b24bd405e8920b0fbe5c78abbd0eaae6182 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:47 GMT Content-Encoding gzip Last-Modified Mon, 05 Sep 2022 04:43:46 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 832 Expires Fri, 21 Oct 2022 16:33:47 GMT
GET H/1.1	200 OK	default.min.css 107.189.29.134/wp-content/plugins/tablepress/css/	5 KB 3 KB	695ms 347ms	Stylesheet text/css	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-content/plugins/tablepress/css/default.min.css?ver=1.14 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:47 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2022 12:29:05 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 2237 Expires Fri, 21 Oct 2022 16:33:47 GMT
GET H/1.1	200 OK	jquery.min.js Show response 107.189.29.134/wp-includes/js/jquery/	87 KB 31 KB	1008ms 347ms	Script application/javascript	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:47 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2022 12:27:21 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 30969 Expires Fri, 21 Oct 2022 16:33:47 GMT
GET H/1.1	200 OK	jquery-migrate.min.js Show response 107.189.29.134/wp-includes/js/jquery/	11 KB 4 KB	1015ms 347ms	Script application/javascript	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:47 GMT Content-Encoding gzip Last-Modified Mon, 01 Aug 2022 12:27:20 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 4168 Expires Fri, 21 Oct 2022 16:33:47 GMT
GET H/1.1	200 OK	HK.png 107.189.29.134/wp-content/uploads/2020/11/	44 KB 45 KB	352ms 350ms	Image image/png	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Show image Full URL http://107.189.29.134/wp-content/uploads/2020/11/HK.png Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash b09a26625b9d2c91d8cdcaa317d3a92d89249ebe8350a4a7a8927d3973f38a9d Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:48 GMT Last-Modified Mon, 16 Nov 2020 09:03:22 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 45366 Expires Fri, 21 Oct 2022 16:33:48 GMT
GET H2	200	axistogel%20baru.gif blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigPxmCej2DPI6GwamLaMuTPtwXFSiZliHzjhoS38MDXr6peHUFdNkV4uaw4fN4aykS7Xm9Y22xwvuGzy6ly8L8EjHg0o-jboW8LWFpcueMsj5pjiQgEobyv5IaFR78eXGdOTNuQsQSbVf0aYgE...	325 KB 326 KB	2659ms 2265ms	Image image/gif	142.251.10.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEigPxmCej2DPI6GwamLaMuTPtwXFSiZliHzjhoS38MDXr6peHUFdNkV4uaw4fN4aykS7Xm9Y22xwvuGzy6ly8L8EjHg0o-jboW8LWFpcueMsj5pjiQgEobyv5IaFR78eXGdOTNuQsQSbVf0aYgEK1IT-DPhkLHst-vK4WOnymP9VOYT7PfaBgLkafmXWA/s16000/axistogel%20baru.gif Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f132.1e100.net Software fife / Resource Hash 1ac4f0da448dbfcd66100b8fd2bacca031d53bd592d8324de332f500b2558e30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:50 GMT x-content-type-options nosniff server fife etag "vf9" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="axistogel baru.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 333032 x-xss-protection 0 expires Sat, 15 Oct 2022 16:33:50 GMT
GET H2	200	AVvXsEg2kzynYVpnzvL2lRbqRsHgfgzNuuWuSDK1YVjgE1AFQZPeZBCpARLJcpdIgojGOJdVz34gjQT5zCEzHIw3lEzMfsVBcrhKiOd9YcYK5AHFJ_YX3U6WRJTga2mpEEUCdFGxYrfL0hxHHJrwxQ2p2cqcmPECmycbAA-wpg2n3FNs22K_fUe3W8PGZqb5ZQ=s1... blogger.googleusercontent.com/img/a/	1017 KB 1018 KB	2828ms 2435ms	Image image/gif	142.251.10.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/a/AVvXsEg2kzynYVpnzvL2lRbqRsHgfgzNuuWuSDK1YVjgE1AFQZPeZBCpARLJcpdIgojGOJdVz34gjQT5zCEzHIw3lEzMfsVBcrhKiOd9YcYK5AHFJ_YX3U6WRJTga2mpEEUCdFGxYrfL0hxHHJrwxQ2p2cqcmPECmycbAA-wpg2n3FNs22K_fUe3W8PGZqb5ZQ=s16000 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f132.1e100.net Software fife / Resource Hash f1292b712a95b0adee9d82d2098b7f37662da899e7d0af6486401a4c9beb9e61 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:50 GMT x-content-type-options nosniff server fife etag "v22" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="sogo.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1041847 x-xss-protection 0 expires Sat, 15 Oct 2022 16:33:50 GMT
GET H2	200	close3.gif prediksinebraska.com/wp-content/uploads/2020/12/	362 B 745 B	2428ms 408ms	Image image/gif	63.250.38.205 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://prediksinebraska.com/wp-content/uploads/2020/12/close3.gif Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 63.250.38.205 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS business63-3.web-hosting.com Software LiteSpeed / Resource Hash 0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload; X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload; x-content-type-options nosniff referrer-policy no-referrer-when-downgrade last-modified Thu, 17 Dec 2020 21:16:57 GMT server LiteSpeed x-frame-options SAMEORIGIN content-type image/gif cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 362 x-xss-protection 1; mode=block expires Fri, 21 Oct 2022 16:33:50 GMT
GET H2	200	hugotogel%20baru.gif blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjfsx9RSQlHwtenG1TwP0I_9HwDn_wt3YbMWViSdbDYFMS5FoeZLhwbR3bWS5PNKciGQshN6GjoY1p-KJib452QEm0BF2nOHqoIKLyTv85wDeYLfCLacRWum5VPUgTPka35plJl6tjZ2fxutKv...	589 KB 589 KB	2850ms 2456ms	Image image/gif	142.251.10.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjfsx9RSQlHwtenG1TwP0I_9HwDn_wt3YbMWViSdbDYFMS5FoeZLhwbR3bWS5PNKciGQshN6GjoY1p-KJib452QEm0BF2nOHqoIKLyTv85wDeYLfCLacRWum5VPUgTPka35plJl6tjZ2fxutKvwNXE-bOexGjuBRe119T-sLyYrQmO7OR07WY99GMD5A/s16000/hugotogel%20baru.gif Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f132.1e100.net Software fife / Resource Hash 4e933e87abdc1ee09a2640a85747f620329b5714c17fa0eaa6d941194cdcb450 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:50 GMT x-content-type-options nosniff server fife etag "v12f" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="hugotogel baru.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 603087 x-xss-protection 0 expires Sat, 15 Oct 2022 16:33:50 GMT
GET H2	200	marvel4d%20baru.gif blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgX_48Z90a0O7PcM2T2QNO98bfyjOVZ4KAGQTUFsFUzbUCQeSSf9yNySH7QSAz76jwj3qSqM4nBZfonjKDRHsjsqghQsDcn6zGGHsNScj983Wpe0ftv05dbAOrTs5kR-3rzggZC8TUxItgbOcBi...	457 KB 458 KB	2711ms 2317ms	Image image/gif	142.251.10.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgX_48Z90a0O7PcM2T2QNO98bfyjOVZ4KAGQTUFsFUzbUCQeSSf9yNySH7QSAz76jwj3qSqM4nBZfonjKDRHsjsqghQsDcn6zGGHsNScj983Wpe0ftv05dbAOrTs5kR-3rzggZC8TUxItgbOcBib5RBsZSkZ4RjK9FlJ3n6DGYPRXD-NV-VJpzJ9SgGjA/s16000/marvel4d%20baru.gif Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f132.1e100.net Software fife / Resource Hash aa3456d8ce8dd36c2170d02dc27a9535f251a1e85f45652cedd19b5e8601238e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:50 GMT x-content-type-options nosniff server fife etag "v10b" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="marvel4d baru.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 468346 x-xss-protection 0 expires Sat, 15 Oct 2022 16:33:50 GMT
GET H2	200	xotogel%20baru.gif blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiw4neSUJFADBPcp7NCp__P1PyKWwuNhamYpdmcEZFHSYh6BgSIbAfG4V-Hvk7noNBV1C1IM6fyCtZDQYy0YASh72INXkdH9V7zSZbpuVOSt7Uz2M4bSvU5Ub8hfI6DDu5lIZKRHU0klNMqJpb1...	995 KB 996 KB	2776ms 2383ms	Image image/gif	142.251.10.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiw4neSUJFADBPcp7NCp__P1PyKWwuNhamYpdmcEZFHSYh6BgSIbAfG4V-Hvk7noNBV1C1IM6fyCtZDQYy0YASh72INXkdH9V7zSZbpuVOSt7Uz2M4bSvU5Ub8hfI6DDu5lIZKRHU0klNMqJpb1qsIYdWzZcBquIyPUGfuNl_88KfgrcSkUs5cKvpXtBQ/s16000/xotogel%20baru.gif Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f132.1e100.net Software fife / Resource Hash 44ec1548d9b81af595f9a3e1f33369ecf27c47f239f41e75eae9dfc38ac93a20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:50 GMT x-content-type-options nosniff server fife etag "v103" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="xotogel baru.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1019142 x-xss-protection 0 expires Sat, 15 Oct 2022 16:33:50 GMT
GET H2	200	retrotogel%20baru.gif blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOQaQnwrOmoVMSiWu8fQ2OmnyzwwdB5ZFIGTG_Br7mZG3bYVXlBBDcpEOIGbHS1GvM1CfMtXjtqr8NyxHEjh4c6BoiJQeoS5XJiKhYO2EJAZ1juthKbGVjmGtbxKHp-rtmgE9aj3EAb8cy_NwL...	807 KB 808 KB	2796ms 2410ms	Image image/gif	142.251.10.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOQaQnwrOmoVMSiWu8fQ2OmnyzwwdB5ZFIGTG_Br7mZG3bYVXlBBDcpEOIGbHS1GvM1CfMtXjtqr8NyxHEjh4c6BoiJQeoS5XJiKhYO2EJAZ1juthKbGVjmGtbxKHp-rtmgE9aj3EAb8cy_NwLOkcFGXBK8551_g6-rRyToHmJ1ykPP8Jk__cefevxOw/s16000/retrotogel%20baru.gif Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f132.1e100.net Software fife / Resource Hash 716df851521c05af750314cadf86e32bf7dc63b3c1d83624f79a736196e745bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:50 GMT x-content-type-options nosniff server fife etag "v101" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="retrotogel baru.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 826343 x-xss-protection 0 expires Sat, 15 Oct 2022 16:33:50 GMT
GET H2	200	sohotogel%20baru.gif blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrLwMPFqykL-hn-XZSjeDCe7kZO2xZZNZWXlnecjJnbFUNMENea5UW0ltztZxyfr1h5kKVNELI7L35B0Q7HaEM87Hnsuvtj9nF2VORNyAWYLcReNyDFns38KAq7UyvEkpsAThOKYvy8BaLZWPz...	336 KB 337 KB	1918ms 1532ms	Image image/gif	142.251.10.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjrLwMPFqykL-hn-XZSjeDCe7kZO2xZZNZWXlnecjJnbFUNMENea5UW0ltztZxyfr1h5kKVNELI7L35B0Q7HaEM87Hnsuvtj9nF2VORNyAWYLcReNyDFns38KAq7UyvEkpsAThOKYvy8BaLZWPzR3NiIozqJ1TuDymuXzmc1HH8uZ78G2L3BINbVlyGWQ/s16000/sohotogel%20baru.gif Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f132.1e100.net Software fife / Resource Hash 511d90971510ab6211adde0a91c256fe95a9cfa734831169ae2cdca0b637bd74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT x-content-type-options nosniff server fife etag "vff" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="sohotogel baru.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344117 x-xss-protection 0 expires Sat, 15 Oct 2022 16:33:49 GMT
GET H2	200	limatogel%20baru.gif blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZJwdIdWh8vep1lEnqilkt7uS4fTsHlLws56sozq7jm9UCNA7HeTprT_Nvo8x3EajWZxsqeuvlpqAmUnnr0YSLey327uWmhcvEdzUJyrgEiuonQDwaWDzaVwzPn9xK3wTXT_V42K_fea9ozZ1Z...	297 KB 297 KB	2739ms 2353ms	Image image/gif	142.251.10.132 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZJwdIdWh8vep1lEnqilkt7uS4fTsHlLws56sozq7jm9UCNA7HeTprT_Nvo8x3EajWZxsqeuvlpqAmUnnr0YSLey327uWmhcvEdzUJyrgEiuonQDwaWDzaVwzPn9xK3wTXT_V42K_fea9ozZ1ZhPvmIdVwBBI67U4uA8ZWmr6yjcIJRPdQKh8u1hw-aA/s16000/limatogel%20baru.gif Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.10.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sd-in-f132.1e100.net Software fife / Resource Hash 69c1725cb84595fc8bf6d7fdc26ae9ac7a70c9dab81c8f945def050547b93965 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:50 GMT x-content-type-options nosniff server fife etag "vf7" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="limatogel baru.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 303836 x-xss-protection 0 expires Sat, 15 Oct 2022 16:33:50 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	106 KB 42 KB	590ms 201ms	Script application/javascript	74.125.24.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-159054847-17 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f97.1e100.net Software Google Tag Manager / Resource Hash a558828f39c8153f2bf50d5554df13fc348126532307d146f38388262a8f9076 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:48 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42408 x-xss-protection 0 last-modified Fri, 14 Oct 2022 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 14 Oct 2022 16:33:48 GMT
GET H2	200	snippet.js Show response static.zdassets.com/ekr/	23 KB 7 KB	324ms 111ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/ekr/snippet.js?key=492da222-8a36-4268-9a91-913fcf3c6568 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c71a7bdc6e1f2f8875556b690007a65be9e5ae1fb285f76d85180c89a3fa52d2 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:48 GMT x-amz-version-id TCAqq4sghBBBAAXd3MLZ8Fy8XIds..vO content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id WQRMFQ7WCVWCFH52 age 52 x-amz-server-side-encryption AES256 x-amz-replication-status PENDING x-amz-id-2 4uueRlDkcemRYbYSKqHXHn57qrZq2ncFhFicDKD6PYNE2oymzJf1T9wljNG+p0Ndyb51I+ObrJk= last-modified Thu, 28 Jul 2022 23:44:02 GMT server cloudflare etag W/"5cae6ce528dce0c327b2bcbaad459fdb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RS8TsY4%2BLb2eOfeirOmcviuBWpM9lpbfuh6xhvEWQKhFbhoVJAf2v6be5dBDZiaCOogNhZyNevHL3Vqs76lyEvBTRcbnH5wKJs19WBBu9qxNrxSbQ2wL04mX8YAYhXGfUdWkTpI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=3600, s-maxage=60 cf-ray 75a1b8059b08a974-SYD
GET H/1.1	200 OK	index.js Show response 107.189.29.134/wp-content/plugins/contact-form-7/includes/swv/js/	9 KB 3 KB	348ms 347ms	Script application/javascript	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:48 GMT Content-Encoding gzip Last-Modified Sun, 04 Sep 2022 05:24:36 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 2929 Expires Fri, 21 Oct 2022 16:33:48 GMT
GET H/1.1	200 OK	index.js Show response 107.189.29.134/wp-content/plugins/contact-form-7/includes/js/	12 KB 4 KB	353ms 350ms	Script application/javascript	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.134/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:48 GMT Content-Encoding gzip Last-Modified Sun, 04 Sep 2022 05:24:36 GMT Server LiteSpeed Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 3925 Expires Fri, 21 Oct 2022 16:33:48 GMT
GET H/1.1	200 OK	honeycomb.png 107.189.29.134/wp-content/themes/frontier/images/	265 B 557 B	347ms 346ms	Image image/png	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Show image Full URL http://107.189.29.134/wp-content/themes/frontier/images/honeycomb.png Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 5ff46b82c72bcf5b303048058fff29bbc9a760a0fd65c75682b45c43ddfab637 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:48 GMT Last-Modified Mon, 05 Sep 2022 04:43:46 GMT Server LiteSpeed Content-Type image/png Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 265 Expires Fri, 21 Oct 2022 16:33:48 GMT
GET H/1.1	200 OK	ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 fonts.gstatic.com/s/robotocondensed/v25/	15 KB 16 KB	386ms 193ms	Font font/woff2	142.251.12.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 Requested by Host: fonts.googleapis.com URL: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.0.2 Protocol HTTP/1.1 Server 142.251.12.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f94.1e100.net Software sffe / Resource Hash 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://fonts.googleapis.com/ Origin http://107.189.29.134 accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 07:23:31 GMT X-Content-Type-Options nosniff Age 33017 Content-Security-Policy-Report-Only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy cross-origin Content-Length 15700 X-XSS-Protection 0 Last-Modified Tue, 19 Apr 2022 18:51:55 GMT Server sffe Cross-Origin-Opener-Policy same-origin; report-to="apps-themes" Report-To {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Expires Sat, 14 Oct 2023 07:23:31 GMT
GET H2	200	luckyspin.html Show response lapakpools.com/ Frame 5158 Redirect Chain http://lapakpools.com/luckyspin.html https://lapakpools.com/luckyspin.html	2 KB 715 B	777ms 194ms	Document text/html	194.233.72.95 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://lapakpools.com/luckyspin.html Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.233.72.95 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi589094.contaboserver.net Software Apache / Resource Hash b3205af999cf9a5bf20b2bd38eaa2ea2f7114c0520bf5a394f5026daeadb7077 Request headers Referer http://107.189.29.134/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 577 content-type text/html date Fri, 14 Oct 2022 16:33:49 GMT etag "8eb-5e566d0b349c3-gzip" last-modified Thu, 04 Aug 2022 09:17:14 GMT server Apache vary Accept-Encoding Redirect headers Connection close Content-Length 309 Content-Type text/html; charset=iso-8859-1 Date Fri, 14 Oct 2022 16:33:48 GMT Location https://lapakpools.com/luckyspin.html Server Apache
GET H/1.1	200 OK	all Show response 107.189.29.224/iframe/result/ Frame 1B93	10 KB 3 KB	901ms 559ms	Document text/html	107.189.29.224 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.224/iframe/result/all Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.224 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / PHP/7.2.34 Resource Hash 25e95f2aa8f82929bbc0124ddeefe7a683fe432649ec440b5b2866bddb7a084e Request headers Referer http://107.189.29.134/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Cache-Control no-cache, private Connection Keep-Alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Fri, 14 Oct 2022 16:33:48 GMT Server LiteSpeed Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By PHP/7.2.34
GET H/1.1	200 OK	js15_as.js Show response s10.histats.com/	11 KB 5 KB	643ms 320ms	Script application/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL http://s10.histats.com/js15_as.js Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:28:18 GMT content-encoding gzip last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cacheable Matched cache x-cdn-pop-ip 137.74.122.0/26 x-iplb-request-id ADF5D175:AD1C_2E69C9F0:0050_63498F6C_6803A:3865 etag W/"-375139978" x-iplb-instance 42341 vary Accept-Encoding content-type application/javascript; charset=UTF-8 x-cdn-pop bhs accept-ranges bytes content-length 4547 x-request-id 974684398
GET H/1.1	200 OK	P5sMzZCDf9_T_10ZxCE.woff2 fonts.gstatic.com/s/arimo/v27/	18 KB 19 KB	386ms 193ms	Font font/woff2	142.251.12.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2 Requested by Host: fonts.googleapis.com URL: http://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.0.2 Protocol HTTP/1.1 Server 142.251.12.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f94.1e100.net Software sffe / Resource Hash 1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://fonts.googleapis.com/ Origin http://107.189.29.134 accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 08 Oct 2022 03:09:18 GMT X-Content-Type-Options nosniff Age 566670 Content-Security-Policy-Report-Only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy cross-origin Content-Length 18260 X-XSS-Protection 0 Last-Modified Mon, 11 Jul 2022 21:03:24 GMT Server sffe Cross-Origin-Opener-Policy same-origin; report-to="apps-themes" Report-To {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control public, max-age=31536000 Accept-Ranges bytes Timing-Allow-Origin * Expires Sun, 08 Oct 2023 03:09:18 GMT
GET DATA	200 OK	truncated /	14 KB 14 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6 Request headers Referer http://107.189.29.134/ Origin http://107.189.29.134 accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H/1.1	200 OK	abc.jpeg 107.189.29.134/wp-content/uploads/2022/05/	25 KB 25 KB	348ms 347ms	Image image/jpeg	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Show image Full URL http://107.189.29.134/wp-content/uploads/2022/05/abc.jpeg Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 147f829a631745226cf0531c66deb4819cb72355db104a07f9502e9e999f312e Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:48 GMT Last-Modified Thu, 26 May 2022 05:23:37 GMT Server LiteSpeed Content-Type image/jpeg Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 25186 Expires Fri, 21 Oct 2022 16:33:48 GMT
GET H/1.1	200 OK	tabel-shio-2022-sogotogel.jpg 107.189.29.134/wp-content/uploads/2022/02/	144 KB 144 KB	347ms 346ms	Image image/jpeg	107.189.29.134 PONYNET
General Check archive.org Show headers Download Go to Show image Full URL http://107.189.29.134/wp-content/uploads/2022/02/tabel-shio-2022-sogotogel.jpg Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 107.189.29.134 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 6fba7f9f5514c6de4ff6f2ac985d84399f2e72ef4916bb99c15f9ac57c5a6a9d Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:48 GMT Last-Modified Sun, 27 Feb 2022 10:39:12 GMT Server LiteSpeed Content-Type image/jpeg Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 147329 Expires Fri, 21 Oct 2022 16:33:48 GMT
GET H2	200	492da222-8a36-4268-9a91-913fcf3c6568 Show response ekr.zdassets.com/compose/	329 B 1 KB	519ms 305ms	XHR application/json	104.18.72.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ekr.zdassets.com/compose/492da222-8a36-4268-9a91-913fcf3c6568 Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=492da222-8a36-4268-9a91-913fcf3c6568 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.72.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1615e6baab9c2ed47cd6052e791c3035d6fb5e2ee3663aafa2c49cdde1bae27 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:48 GMT strict-transport-security max-age=0 x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-permitted-cross-domain-policies none content-encoding br status 200 OK x-xss-protection 1; mode=block x-request-id 8a42ced135640ca0d4a9aa5d397905a6, 8a42ced135640ca0d4a9aa5d397905a6 x-runtime 0.002090 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"f1615e6baab9c2ed47cd6052e791c303" x-download-options noopen x-frame-options SAMEORIGIN access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZdDx0FRvDMgry0kTS7z0Q8zCKaqcVV4DpYxF2IXA%2FmSYnzeF8ApIilaH6BFsyAA10TOMhM7PFVWVRJ%2Fo08mg4wzQG22LfrRSfq2NEHxrM%2F2mPyqX3Joj9a44f1X2rGKAek%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers cache-control max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600 content-type application/json; charset=utf-8 x-zendesk-zorg yes vary Origin, Accept-Encoding cf-ray 75a1b807ac56a7f3-SYD
GET H2	200	23e9.svg s.w.org/images/core/emoji/14.0.0/svg/	252 B 484 B	307ms 100ms	Image image/svg+xml	192.0.77.48 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://s.w.org/images/core/emoji/14.0.0/svg/23e9.svg Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS s.w.org Software nginx / Resource Hash 5ec172bae1671e47c5b44c8bc850d1ec30739659b565c53d99fa6d234a6aa445 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-nc HIT syd 2 date Fri, 14 Oct 2022 16:33:48 GMT x-content-type-options nosniff last-modified Tue, 12 Apr 2022 03:53:44 GMT server nginx x-frame-options SAMEORIGIN access-control-allow-methods GET, HEAD content-type image/svg+xml access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-length 252 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	4391016.php Show response s4.histats.com/stats/	419 B 554 B	1572ms 345ms	Script text/html	192.99.8.27 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/4391016.php?4391016&@f16&@g1&@h1&@i1&@j1665765228821&@k0&@l1&@mPrediksi%20HK%20Jitu%20Malam%20Hari%20Ini&@n0&@o1000&@q0&@r0&@s433&@ten-US&@u1600&@b1:-85380029&@b3:1665765229&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2F107.189.29.134%2F&@w Requested by Host: s10.histats.com URL: http://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.99.8.27 , Canada, ASN16276 (OVH, FR), Reverse DNS ns500876.ip-192-99-8.net Software / Resource Hash 2ac6c9e502c18563546108e7ab9d7e67ac0c14f2f4514e4453e8d633d7d2541c Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:50 GMT Connection close Content-Length 419 Content-Type text/html;charset=UTF-8
GET H2	200	web-widget-framework-8bd776911afeefa93f7a.js Show response static.zdassets.com/web_widget/latest/ Frame F242	151 KB 49 KB	114ms 113ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/web-widget-framework-8bd776911afeefa93f7a.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/ekr/snippet.js?key=492da222-8a36-4268-9a91-913fcf3c6568 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c97397ccc8fe27ea815ec4e25c4efe519986d922630ed0d047b4af790ff25d9 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT x-amz-version-id Mvofx3wTqz8ALsJ8d8lsKCM3bSR6VfqY content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id YZWT26MMJXK4J3XN age 215293 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 2NY5IsbXEJqpR+YuDVEM9V610AaqzVX6tFh1TMkHlDzNQWXwoikIIoKwPcNETijYM6IajEHTPYI= last-modified Wed, 12 Oct 2022 04:22:21 GMT server cloudflare etag W/"1e30c3ac655ff8afe1406becbd37987a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFiFKOt8MPD7CU%2F1l%2B3j5zttHq7hdD0B6gT4XAXVMpyv5jWDtFRyMt3MMX0KqjwgPI6%2Fdu1CAYtPeglhLmGmy%2BQwqSDxQyWmChpA%2BeFT0v%2B9B2hdbZqNzJWFT6%2F%2Fw3Aj%2FgjTAko%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b809bde4a974-SYD expires Thu, 12 Oct 2023 04:22:20 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	582ms 193ms	Script text/javascript	142.251.12.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-159054847-17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f101.1e100.net Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 14 Oct 2022 15:37:34 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 3375 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Fri, 14 Oct 2022 17:37:34 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame 1B93	2 KB 930 B	586ms 198ms	Stylesheet text/css	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Requested by Host: 107.189.29.224 URL: http://107.189.29.224/iframe/result/all Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software ESF / Resource Hash 808f97075fc1233d487b23401e97c6c11fb39eb115ec0d9fc251ec09d9b2d5d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.224/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 14 Oct 2022 16:33:49 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 14 Oct 2022 16:33:49 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 14 Oct 2022 16:33:49 GMT
GET H/1.1	200 OK	iframe.css 107.189.29.224/public/css/ Frame 1B93	5 KB 2 KB	343ms 343ms	Stylesheet text/css	107.189.29.224 PONYNET
General Check archive.org Show headers Download Go to Full URL http://107.189.29.224/public/css/iframe.css Requested by Host: 107.189.29.224 URL: http://107.189.29.224/iframe/result/all Protocol HTTP/1.1 Server 107.189.29.224 Luxembourg, Luxembourg, ASN53667 (PONYNET, US), Reverse DNS Software LiteSpeed / Resource Hash 8570f5829f429388fc655835e4db937d56abce68ff7ecc294c82bdc6d03f30d9 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.224/iframe/result/all User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:49 GMT Content-Encoding gzip Last-Modified Tue, 22 Dec 2020 14:16:30 GMT Server LiteSpeed Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 1309 Expires Fri, 21 Oct 2022 16:33:49 GMT
GET H2	200	config Show response xotogel88.zendesk.com/embeddable/ Frame F242	725 B 1 KB	509ms 297ms	Fetch application/json	104.16.51.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xotogel88.zendesk.com/embeddable/config Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8bd776911afeefa93f7a.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4496f37c7618107edb22c379009d28f00f67f88eec669182dedfbb0ef69a71a3 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-zendesk-origin-server embeddable-app-server-d9bfc6d44-s7lb6 x-cached MISS x-request-id be2c2419e3e1d54586be18038732dc23 x-runtime 0.001586 last-modified Fri, 14 Oct 2022 16:33:49 GMT server cloudflare access-control-max-age 7200 access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k515Sl8HR%2FEd2Fd6xLb1v3rm%2Frukxcjc8Au557TDmlXPY2RE0PCsvwU65fJ7oCCY2ewH3npjN%2BZ698%2BjmIYuoubR97RQLGCwshWtRvnKQakOy6zlxgIEoukB6zfGQOUdX9ppPRLjHQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers cache-control public, max-age=60, stale-while-revalidate=600, stale-if-error=3600 vary Origin, Accept-Encoding cf-ray 75a1b80be9d8558d-SYD
GET H2	200	bootstrap.min.css lapakpools.com/luckyspin_files/ Frame 5158	120 KB 20 KB	199ms 198ms	Stylesheet text/css	194.233.72.95 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://lapakpools.com/luckyspin_files/bootstrap.min.css Requested by Host: lapakpools.com URL: https://lapakpools.com/luckyspin.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.233.72.95 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi589094.contaboserver.net Software Apache / Resource Hash 1e3839572c1b4ca3706f155f282aa59d4321c0b431c16a825883bdde0ac96203 Request headers accept-language en-AU,en;q=0.9 Referer https://lapakpools.com/luckyspin.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT content-encoding gzip last-modified Sun, 29 Nov 2020 07:12:04 GMT server Apache etag "1de1a-5b5399c52f900-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 19835
GET H2	200	darkly-bootstrap.css lapakpools.com/luckyspin_files/ Frame 5158	139 KB 20 KB	586ms 585ms	Stylesheet text/css	194.233.72.95 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://lapakpools.com/luckyspin_files/darkly-bootstrap.css Requested by Host: lapakpools.com URL: https://lapakpools.com/luckyspin.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.233.72.95 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi589094.contaboserver.net Software Apache / Resource Hash fa1c601173e2269fecc3c1c1197e5071455beb2a780577d8620b9ae2940045ed Request headers accept-language en-AU,en;q=0.9 Referer https://lapakpools.com/luckyspin.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT content-encoding gzip last-modified Sun, 29 Nov 2020 07:12:04 GMT server Apache etag "22a90-5b5399c52f900-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 20008
GET H2	200	style1.css lapakpools.com/luckyspin_files/ Frame 5158	2 KB 653 B	585ms 584ms	Stylesheet text/css	194.233.72.95 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://lapakpools.com/luckyspin_files/style1.css Requested by Host: lapakpools.com URL: https://lapakpools.com/luckyspin.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.233.72.95 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi589094.contaboserver.net Software Apache / Resource Hash f11369ab5c265a8741674dbef624d65e7ecd9128aef27601926bfc22584d8475 Request headers accept-language en-AU,en;q=0.9 Referer https://lapakpools.com/luckyspin.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT content-encoding gzip last-modified Sun, 29 Nov 2020 07:12:04 GMT server Apache etag "981-5b5399c52f900-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 599
GET H2	200	style2.css lapakpools.com/luckyspin_files/ Frame 5158	61 KB 9 KB	779ms 778ms	Stylesheet text/css	194.233.72.95 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://lapakpools.com/luckyspin_files/style2.css Requested by Host: lapakpools.com URL: https://lapakpools.com/luckyspin.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.233.72.95 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi589094.contaboserver.net Software Apache / Resource Hash a9eed0881fb17dd5dcffada790c9bed0972556dba2342d0038558ea9285d6e96 Request headers accept-language en-AU,en;q=0.9 Referer https://lapakpools.com/luckyspin.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT content-encoding gzip last-modified Sun, 29 Nov 2020 07:12:04 GMT server Apache etag "f36d-5b5399c52f900-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 8998
GET H2	200	reset.css lapakpools.com/luckyspin_files/ Frame 5158	1 KB 702 B	778ms 777ms	Stylesheet text/css	194.233.72.95 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://lapakpools.com/luckyspin_files/reset.css Requested by Host: lapakpools.com URL: https://lapakpools.com/luckyspin.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.233.72.95 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi589094.contaboserver.net Software Apache / Resource Hash 3b6e667c1b9ba1b3f2f4236c19322fc8bc300346a3f0472c33aaa80c3a574859 Request headers accept-language en-AU,en;q=0.9 Referer https://lapakpools.com/luckyspin.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT content-encoding gzip last-modified Sun, 29 Nov 2020 07:12:04 GMT server Apache etag "48d-5b5399c52f900-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 648
GET H2	200	slot.css lapakpools.com/luckyspin_files/ Frame 5158	9 KB 1 KB	779ms 777ms	Stylesheet text/css	194.233.72.95 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://lapakpools.com/luckyspin_files/slot.css Requested by Host: lapakpools.com URL: https://lapakpools.com/luckyspin.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.233.72.95 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi589094.contaboserver.net Software Apache / Resource Hash eb9a0704e6b6ffee698502dc677d707663dd561a687b5e260b36b772be9fef48 Request headers accept-language en-AU,en;q=0.9 Referer https://lapakpools.com/luckyspin.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT content-encoding gzip last-modified Sun, 29 Nov 2020 07:12:04 GMT server Apache etag "23c2-5b5399c52f900-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1144
GET H2	200	jquery-ui.css lapakpools.com/luckyspin_files/ Frame 5158	37 KB 9 KB	779ms 778ms	Stylesheet text/css	194.233.72.95 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://lapakpools.com/luckyspin_files/jquery-ui.css Requested by Host: lapakpools.com URL: https://lapakpools.com/luckyspin.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.233.72.95 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi589094.contaboserver.net Software Apache / Resource Hash 01bcc0a6143a756e2b68d47c4a36ef3ac504b647b89b0d106c42bf0b27cfd172 Request headers accept-language en-AU,en;q=0.9 Referer https://lapakpools.com/luckyspin.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT content-encoding gzip last-modified Sun, 29 Nov 2020 07:12:04 GMT server Apache etag "94a8-5b5399c52f900-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 8691
GET H2	200	jquery.min.js.download Show response lapakpools.com/luckyspin_files/ Frame 5158	95 KB 33 KB	779ms 778ms	Script application/javascript	194.233.72.95 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://lapakpools.com/luckyspin_files/jquery.min.js.download Requested by Host: lapakpools.com URL: https://lapakpools.com/luckyspin.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.233.72.95 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi589094.contaboserver.net Software Apache / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Request headers accept-language en-AU,en;q=0.9 Referer https://lapakpools.com/luckyspin.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT content-encoding gzip last-modified Sun, 29 Nov 2020 07:12:04 GMT server Apache etag "17b8b-5b5399c52f900-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 33760
GET H2	200	slot.js.download Show response lapakpools.com/luckyspin_files/ Frame 5158	3 KB 1011 B	779ms 778ms	Script application/javascript	194.233.72.95 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://lapakpools.com/luckyspin_files/slot.js.download Requested by Host: lapakpools.com URL: https://lapakpools.com/luckyspin.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.233.72.95 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi589094.contaboserver.net Software Apache / Resource Hash ac4aab009a241da617810e8d021b9a22aa6e41b32472c05e6efb396acb142f8e Request headers accept-language en-AU,en;q=0.9 Referer https://lapakpools.com/luckyspin.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT content-encoding gzip last-modified Sun, 29 Nov 2020 07:12:04 GMT server Apache etag "a83-5b5399c52f900-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 940
GET H2	200	slot1.js.download Show response lapakpools.com/luckyspin_files/ Frame 5158	3 KB 995 B	1551ms 1550ms	Script application/javascript	194.233.72.95 CAPL-AS-AP Contab...
General Check archive.org Show headers Download Go to Full URL https://lapakpools.com/luckyspin_files/slot1.js.download Requested by Host: lapakpools.com URL: https://lapakpools.com/luckyspin.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.233.72.95 Singapore, Singapore, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG), Reverse DNS vmi589094.contaboserver.net Software Apache / Resource Hash c36b4cdb67aa3dfda56c9fd5cf10680b8655a26179005fccb483d0819951bee4 Request headers accept-language en-AU,en;q=0.9 Referer https://lapakpools.com/luckyspin.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT content-encoding gzip last-modified Sun, 29 Nov 2020 07:12:04 GMT server Apache etag "a84-5b5399c52f900-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 941
GET H2	200	web-widget-classic-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	13 KB 4 KB	111ms 110ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8bd776911afeefa93f7a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dc9f804148f8e57555339025bc4d3360bc224f4950ee3f985be094f14ebe182 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT x-amz-version-id 7P.5y1MiLu6pNiVpnxTUczigrAX.JVsq content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id X0T67JMYPS7429QT age 215292 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 x7/FbQBzH7KHkiBiZBvqaZshChjwPcL9y7HR+EMS2UwLy0WP0zKZz1tuWVBJ/ZA0ld4DHxevmf4= last-modified Wed, 12 Oct 2022 04:22:33 GMT server cloudflare etag W/"b954678001199f8e50b4d9d618350332" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJSG0z4ZJmCnEa%2FTobKYGrLmd1Jt06ptD9l%2BTsXKyYJ0uEpxapDcy22CW2SDfoCYd9EbG3x3sX9wpR0dBb2S367yQrEYvzlevvk9ytHgd9eKpB5FsauBLDee7UTrxmFhclIknPY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b80dc85da974-SYD expires Thu, 12 Oct 2023 04:22:32 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/ Frame 1B93	23 KB 23 KB	582ms 194ms	Font font/woff2	142.251.12.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f94.1e100.net Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://107.189.29.224 accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 Oct 2022 20:12:48 GMT x-content-type-options nosniff age 591662 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23040 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:56:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Oct 2023 20:12:48 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/ Frame 1B93	23 KB 23 KB	773ms 385ms	Font font/woff2	142.251.12.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f94.1e100.net Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://107.189.29.224 accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 14:34:09 GMT x-content-type-options nosniff age 7181 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 14 Oct 2023 14:34:09 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 204 B	195ms 194ms	XHR text/plain	142.251.12.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=320038816&t=pageview&_s=1&dl=http%3A%2F%2F107.189.29.134%2F&ul=en-us&de=UTF-8&dt=Prediksi%20HK%20Jitu%20Malam%20Hari%20Ini&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1732850033&gjid=666988199&cid=28606243.1665765230&tid=UA-159054847-17&_gid=1119233769.1665765230&_r=1&gtm=2ouaa0&z=742773701 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f101.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://107.189.29.134/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 14 Oct 2022 16:33:49 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://107.189.29.134 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 132 B	194ms 193ms	Image image/gif	142.251.12.101 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&a=320038816&t=pageview&_s=2&dl=http%3A%2F%2F107.189.29.134%2F&ul=en-us&de=UTF-8&dt=Prediksi%20HK%20Jitu%20Malam%20Hari%20Ini&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=28606243.1665765230&tid=UA-159054847-17&_gid=1119233769.1665765230&gtm=2ouaa0&z=527766102 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.12.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f101.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 14 Oct 2022 02:38:55 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 50094 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	web-widget-8165-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	663 KB 190 KB	222ms 221ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-8165-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dbee8bfe903d4ea9f71b1de60e45e2226d77fe1ff3101cb9f0362f20b44fd96a Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT x-amz-version-id hSZFoEqEDVfSEQz6gZ6RVgkyJZ1wVhpo content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id AVTG768F1GYWM3DK age 215290 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 wyBaCzYNeg3CaVsMaO8DCTi3uA0OpzIjLfcj/5Fws+MKA0svvtOWD0vEbGl/S7AC/mDt7zWwWPw= last-modified Wed, 12 Oct 2022 04:22:33 GMT server cloudflare etag W/"d519ea27f763cb6ec80aeec5b45213a7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2alwLz7fosFUFTx%2B%2BynoliTCnjXSFU9%2BpVMz7cCYKvt%2BvHvDCctczBOBPS34UKkSFy%2FdZi6rq8Cl0mBokRItO3GZzSMoHOpoJlvxM780sgNsNZLk7OCYGt%2FVvJR5UthZW%2Bs1aI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b80e789ba974-SYD expires Thu, 12 Oct 2023 04:22:32 GMT
GET H2	200	web-widget-5324-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	491 KB 108 KB	117ms 116ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-5324-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d92aace170c818854396bfa1b4035677918295b17abb4618b7c7b3938a08e312 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:49 GMT x-amz-version-id Ta2bAYBAel51YZQz2scu55DxFdOBAiSK content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id AVTV4K7TKSN4E2V2 age 215290 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 103yDYkxfgi9fvCRq8MNCfc9iovyR29BH69J1NVBxb0Pmg2apU2a01y0nKdPoUvS4/Y5isJc1Yw= last-modified Wed, 12 Oct 2022 04:22:33 GMT server cloudflare etag W/"42bbde2d6f9114e30197fe178ffb83f8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9YTgVzg8lpXZg%2FSRD5tFSB6aZ4izlITjVFvYucvhCuwLAOymQHm0jyG95KHzl7JBNYhfP4G92cTfqm1QhvkCf7eoRvV4QdRYb2AKm%2F2nWKx2s4SUXQIloDHVESZu2FtuCSrvjw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b80e789ca974-SYD expires Thu, 12 Oct 2023 04:22:32 GMT
GET H2	200	embeddable_blip Show response xotogel88.zendesk.com/ Frame F242	0 454 B	276ms 276ms	XHR text/plain	104.16.51.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xotogel88.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJlbi1BVSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZW4tYXUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiIzYWJjNTNjYmI0OTc0MzdmOTA4YTFlZDE3YWJjYjcxOSIsInN1aWQiOiJjMzMyNGRhZjU2M2Y0YWVjOTEzYTcyZThiNDVmY2UxMyIsInZlcnNpb24iOiJkZTkzNGJhIiwidGltZXN0YW1wIjoiMjAyMi0xMC0xNFQxNjozMzo1MC4xOTdaIiwidXJsIjoiaHR0cDovLzEwNy4xODkuMjkuMTM0LyJ9 Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8bd776911afeefa93f7a.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:50 GMT cf-cache-status MISS last-modified Fri, 14 Oct 2022 16:33:50 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare x-zendesk-zorg yes vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jry%2BoqiO2O%2Bpbga3%2BFtIUDaiiaDdCV9yjziVqfVVOuPP5KIH5X8SYgHBL%2F%2FiyiRC4BnLdXitWg4A2EhqB55X5hZ0BsBJCIligWIi1%2F1TpCMDJqVysrddgieLL2FEXe7W4EJ7lmpKfw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * accept-ranges bytes cf-ray 75a1b8111b68558d-SYD content-length 0 x-request-id d30fe21cf335e57e3189c9bb0384a05b
GET H2	200	en-au-json-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/ Frame F242	25 KB 6 KB	113ms 113ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-locales/classic/en-au-json-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f6380f735899499b6f205cbc905d7464ed2b7ef2622479a7818d7a03909eee4 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:50 GMT x-amz-version-id P.ISsdSs8irks4e30jm2VYFWmRwv..9Z content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 73MNDXPMD9WBQRSN age 215289 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 Tz/ksv2S14I9O2qWwMaP4CBW3vIWVewV9N/oHvNgnDTr7ApksHETA1r985YY7g0IBZyiJ6yo7js= last-modified Wed, 12 Oct 2022 04:22:34 GMT server cloudflare etag W/"448ed82e58eeea9b6a6a1716e3a3bc4f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zG9fj%2BWgsHYEy8tOeDIh6hBDrU%2BQ4mfpb%2BzZhAaS4bdiO%2Fw6gFdiYF2yKeHINAUqo5xj3%2BXrzC47w09yTnSyU%2F6xb5WwDQ7F0Dq8reG9mg3QkSvaUAc%2BK%2FMzKFMLqfCqm%2FnUPNY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b81119fda974-SYD expires Thu, 12 Oct 2023 04:22:33 GMT
GET H2	200	css fonts.googleapis.com/ Frame 5158	2 KB 524 B	498ms 197ms	Stylesheet text/css	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,700,400italic Requested by Host: lapakpools.com URL: https://lapakpools.com/luckyspin_files/darkly-bootstrap.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software ESF / Resource Hash 635a067512ee3bb9724e69b005302a3caaef1284f7d134b9b773f3085548d1e3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://lapakpools.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 14 Oct 2022 16:33:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 14 Oct 2022 15:44:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 14 Oct 2022 16:33:50 GMT
GET H2	200	web-widget-chat-sdk-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	202 KB 51 KB	115ms 114ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-sdk-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 83b6f9b5c75ff60e6d4228b0a46fa4c0c80c18dabef5d89534d9c7255e10df35 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:50 GMT x-amz-version-id p3BdYA62KSeQq44F3wsTmforNGPu8Msx content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id PYGCKVH7ZNSQMEFF age 215288 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 nQp3TB/6HgLB6P0jmleuMZiRtCfCTDIG6DND9eqlmZiYsaAqk8mT8Yyu31PiE7NIOaBfQdUwDjk= last-modified Wed, 12 Oct 2022 04:22:33 GMT server cloudflare etag W/"865d0cd066636165cf7f35fb97a1d90d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2YecP0dUhyv3USiqBNUeJzoDZYkJ5PZJiJ3P9AQLkmK%2FrOjZpkPkFRDzIg1EsEN2YTkLTrOeGTuBlC1AbGioV8l%2FxSRN%2BK2YmI4wGQS3UPoFXcf%2BZu%2FyeEOh%2FfrCivDrS6f5YU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b811ea68a974-SYD expires Thu, 12 Oct 2023 04:22:32 GMT
GET H2	200	cc_433.js Show response s10.histats.com/counters/	20 KB 9 KB	963ms 320ms	Script application/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/counters/cc_433.js Requested by Host: s10.histats.com URL: http://s10.histats.com/js15_as.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 6faef2a9122a84c8ef399b819a303ed612e3aefded8e5dfca6419bc9a2677de3 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:25:02 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:45:32 GMT x-cacheable Matched cache x-cdn-pop-ip 137.74.122.0/26 etag "1576520610" content-type application/javascript; charset=UTF-8 x-cdn-pop bhs accept-ranges bytes content-length 8508 x-request-id 956203669
GET H/1.1	200 OK	/ Show response e.dtscout.com/e/ Redirect Chain http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j=	8 KB 9 KB	966ms 324ms	Script application/javascript	158.69.139.238 OVH
General Check archive.org Show headers Download Go to Full URL https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ip238.ip-158-69-139.net Software nginx/1.14.0 (Ubuntu) / Resource Hash b271b58341b10be4486806944609c7be661aaa4887c90ae90c68af02a0fd611a Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:51 GMT X-T 2.284 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Connection close X-S mtl2 Expires Fri, 14 Oct 2022 16:33:50 GMT Redirect headers Location https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= Date Fri, 14 Oct 2022 16:33:50 GMT Server nginx/1.14.0 (Ubuntu) Connection keep-alive Content-Length 194 Content-Type text/html
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f89f1fe1c86dc63bdd3668f2922215318bc10dc9ade1d22300121b41d541f726 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	web-widget-chat-incoming-message-notification-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	208 B 633 B	115ms 114ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-chat-incoming-message-notification-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53be1dac57456d1c758599183b9f5b14c95fe22ea6bc0ee70da5d989ef8a9407 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:51 GMT x-amz-version-id SPWtvJkNU4pYvP5queACSZwnWqydw8yV content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id YY9QWNKFPVSXBVMS age 215287 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 zhaYJJXO69lqE9OANoNwW7kF9tRXX2JcosnE5Gbn3D052f9o/3unuuPJjAX4fl0VJ2gls5KnZjI= last-modified Wed, 12 Oct 2022 04:22:33 GMT server cloudflare etag W/"659635f5ad1b6653645380f46aa42236" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnqD3V%2FpEav5fw5L2DCegC6KJ9DEIDmQjdYQyuufgy3i1X6LOElbud%2BzeUuxnGPr5q7IuneXAXyEhGV1yfXeebQB2dKjHBODZ1C%2BTi90ZCBd2JEYFhYOEd5s7p8nz5yUAh39v5k%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b81baef8a974-SYD expires Thu, 12 Oct 2023 04:22:32 GMT
GET H2	200	uDKTIGeaIACQuKN5LsJpnPJEg7Im4czd-banner v2assets.zopim.io/ Frame E9EB	46 KB 46 KB	317ms 106ms	Image image/jpeg	104.18.204.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v2assets.zopim.io/uDKTIGeaIACQuKN5LsJpnPJEg7Im4czd-banner?1593453786773 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.18.204.90 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02ddf5b58b5c966f55c824939d229775016acbf9ca463d95a688e7a233db3288 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:52 GMT x-amz-version-id null cf-cache-status HIT x-amz-request-id CE2PZNVNGCG3AJ8Y age 402 x-amz-server-side-encryption AES256 content-length 47000 x-amz-id-2 uxou70R9oU+MmR2ZQAEccrqZJXj1RWL0aAwfsuN2BkcB9NivXZNLiUDCVuRCubio9T7Fe75Evms= cf-bgj h2pri last-modified Mon, 29 Jun 2020 18:03:09 GMT server cloudflare etag "aa7cb216a1b035fae3bdf3704afe3e9c" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=86400 accept-ranges bytes x-robots-tag none, noarchive cf-ray 75a1b81d19716a4b-SYD expires Sat, 15 Oct 2022 16:33:52 GMT
GET H2	206	fda6cd35495c75f83508d9d2e77ee33d.mp3 static.zdassets.com/web_widget/latest/classic/ Frame F242	19 KB 20 KB	110ms 110ms	Media audio/mpeg	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/fda6cd35495c75f83508d9d2e77ee33d.mp3 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers date Fri, 14 Oct 2022 16:33:52 GMT x-amz-version-id _mVzk2erAtaFGKY1gdkq6J8Ig_UnngWl cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id NHD6MDSGQ77E5B3K age 15958513 x-amz-server-side-encryption AES256 Content-Range bytes 0-19697/19698 x-amz-replication-status COMPLETED Content-Length 19698 x-amz-id-2 qMBXvkbeSNu4Nx61ivMjkUD2vv/wrpAqFSkQrf0sBVna5nAkwb1EsBhUpKpgBWmpUV94LUOfges= last-modified Tue, 12 Apr 2022 23:16:47 GMT server cloudflare etag "f11ce9e8f40a392830217253fe75d6de" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYzrb6CUQzEeUWjevI2sUPiCZDTjM3HzAERYXZx5NHX5EjWpy00TWxVM95nBfkpAhavi0TMYWT4D2IPAr30r9DQfpDdR60%2FyxavNECKfhFCTkg%2FIkPaPf3eAm2vILI3gw1SgYw8%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b81c5f5ba974-SYD expires Wed, 12 Apr 2023 23:16:46 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/idg/ Frame B899	1 KB 755 B	947ms 313ms	Document text/html	167.114.209.61 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=10401665765231554CAF5A5E553A3691 Requested by Host: e.dtscout.com URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns515688.ip-167-114-209.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 67c54ec9e351640e9a1299636e95ae52b514bc72af7bb83204f53f639ebc9a88 Request headers Referer http://107.189.29.134/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Cache-Control no-cache Connection close Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Fri, 14 Oct 2022 16:33:52 GMT Expires Fri, 14 Oct 2022 16:33:51 GMT Server nginx/1.10.3 (Ubuntu) Transfer-Encoding chunked
GET H2	200	tag.min.js Show response get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/	30 KB 10 KB	707ms 214ms	Script text/javascript	13.33.33.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Requested by Host: e.dtscout.com URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-16.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id ePoTNcv0DaSHt0vz0AKUJEI0tBAExaJ3 content-encoding gzip via 1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront) date Thu, 13 Oct 2022 19:39:45 GMT last-modified Thu, 25 Aug 2022 14:07:06 GMT server AmazonS3 x-amz-cf-pop SIN2-P1 age 75248 etag W/"c722c8e06c3a9be75b009576c49f7792" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=86400 x-amz-cf-id Wfp7uLuInEpQnkul_t_8LCTpjr2YTQQg1SyR95_iTVOPXXWxpVxbZw==
GET H/1.1	200 OK	dtscout Show response pd.sharethis.com/pd/	2 KB 3 KB	1551ms 387ms	Script application/javascript	3.120.104.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pd.sharethis.com/pd/dtscout Requested by Host: e.dtscout.com URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.104.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-104-56.eu-central-1.compute.amazonaws.com Software / Resource Hash 0b695ab195e092ecfcf7c14201acf2319bd29f9ec5452e34845be7060cb246ce Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:53 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 2273 Content-Type application/javascript
GET H2	200	afwu.js Show response cdn.tynt.com/	11 KB 4 KB	327ms 110ms	Script application/javascript	104.18.19.39 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/afwu.js Requested by Host: e.dtscout.com URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.19.39 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 197ac67d2524c83b22a0c8023678bd639975ba3d6c0c086aa406e7af484201a2 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:52 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 21 Jul 2022 14:57:21 GMT server cloudflare age 92097 etag W/"62d96951-2a93" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 75a1b81deb03aae7-SYD expires Mon, 17 Oct 2022 16:33:52 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/pv/	50 B 318 B	948ms 314ms	Script application/javascript	167.114.209.61 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=107.189.29.134&_ss=5w0hob79c7&_pv=1&_ls=0&_u1=1&_u3=1&_cc=au&_pl=d&_cbid=338s&_cb=_dtspv.c Requested by Host: e.dtscout.com URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.114.209.61 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns515688.ip-167-114-209.net Software nginx/1.10.3 (Ubuntu) / Resource Hash 02199ae7fd97d97a8ca4383bcace0561c2911645cf683ccf4d55d0d3bbb22b5c Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:52 GMT X-T 0.218 Server nginx/1.10.3 (Ubuntu) Transfer-Encoding chunked X-C 0 Content-Type application/javascript Cache-Control no-cache Connection close Expires Fri, 14 Oct 2022 16:33:51 GMT
GET H2	200	p ic.tynt.com/b/	35 B 581 B	860ms 285ms	Image image/gif	67.202.105.34 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1665765232363&dn=AFWU&iso=0&t=Prediksi%20HK%20Jitu%20Malam%20Hari%20Ini&cu=http%3A%2F%2F107.189.29.134%2F Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.34 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip34.67-202-105.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:53 GMT last-modified Fri, 16 Apr 2010 15:38:20 GMT server nginx/1.16.1 accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version etag "4bc8846c-23" content-type image/gif p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" accept-ranges bytes content-length 35 expires "Sat, 26 Jul 1997 05:00:00 GMT"
GET H2	200	v2 Show response de.tynt.com/deb/	811 B 1 KB	905ms 301ms	Script application/javascript	67.202.105.31 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r= Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/afwu.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.31 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip31.67-202-105.static.steadfastdns.net Software / Resource Hash 0a4e9f52369e4341a99ecfd0b3bb55f1d5935309c71c66821ae0c5caafaa7497 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" date Fri, 14 Oct 2022 16:33:52 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false content-type application/javascript accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-length 811 expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	/ Show response onetag-geo.s-onetag.com/	535 B 938 B	825ms 407ms	Fetch application/json	13.33.33.31 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.31 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-31.sin2.r.cloudfront.net Software / Resource Hash c2dff4d99eef4b35e8f498d841d785ec135749647ff00b3efd1a5d66f87e5241 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:53 GMT via 1.1 3227fb8d08d4021d78aad88753ced298.cloudfront.net (CloudFront), 1.1 371f05083da358616e0006a1f34fdb7e.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-C1, SIN2-P1 x-amzn-requestid 18034144-1d79-4cc7-b2cd-728e89d14d41 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=86400 x-amz-apigw-id aANZvHeVCYcF97g= content-length 535 x-amz-cf-id UFec3jR9223gohaLQvbYulU76aXsJDVpovhtsq0RaA7C6Ud5FT0qdg==
GET H2	200	embeddable_blip xotogel88.zendesk.com/ Frame F242	0 0	282ms 281ms	Fetch	104.16.51.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xotogel88.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJjaGF0IiwiYWN0aW9uIjoiY2hhdFN0YXJ0ZWQiLCJsYWJlbCI6Im5ld0NoYXQiLCJ2YWx1ZSI6eyJkZXBhcnRtZW50TmFtZSI6bnVsbCwiZGVwYXJ0bWVudElkIjpudWxsfX0sImJ1aWQiOiIzYWJjNTNjYmI0OTc0MzdmOTA4YTFlZDE3YWJjYjcxOSIsInN1aWQiOiJjMzMyNGRhZjU2M2Y0YWVjOTEzYTcyZThiNDVmY2UxMyIsInZlcnNpb24iOiJkZTkzNGJhIiwidGltZXN0YW1wIjoiMjAyMi0xMC0xNFQxNjozMzo1Mi44NDJaIiwidXJsIjoiaHR0cDovLzEwNy4xODkuMjkuMTM0LyJ9 Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-8bd776911afeefa93f7a.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.51.111 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:53 GMT cf-cache-status MISS last-modified Fri, 14 Oct 2022 16:33:53 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare x-zendesk-zorg yes vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrOn42iNvjam2N%2B4RfoprdGxis7aq%2BnVkhJARNH9taRqNIv5aGbnwlP9MD3rK7xZXHjYmpWlnaELtXtl4MqvApyczKGDxC1GClNula5ou8nCYL%2BX1nahYsnlgMr%2BV9KwG6LeTaRgWQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * accept-ranges bytes cf-ray 75a1b8219847558d-SYD content-length 0 x-request-id 9eae96d8ea995e685dbd57aa801b1052
GET H2	200	lt.min.js Show response tags.crwdcntrl.net/lt/c/3825/	51 KB 16 KB	639ms 231ms	Script text/javascript	54.192.150.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Requested by Host: e.dtscout.com URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.150.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-150-36.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash fca354380eb0e64845aeafe51483741f9613dc02e12c9d320f8d767ef4a66708 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 05:09:44 GMT content-encoding gzip via 1.1 b854b2dbed0b7eb7e4e055e04c5ae48a.cloudfront.net (CloudFront) last-modified Mon, 03 Oct 2022 19:27:53 GMT server AmazonS3 x-amz-cf-pop SIN2-C1 age 41072 x-amz-server-side-encryption AES256 etag W/"8aa090b6c862733b7202647b1489d27d" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age: 86400 x-amz-cf-id txWdloS1yjFhNG6p8RYVShnpjNOslrq5z-mdW8wcLEjLa4Npi23PLQ==
GET H/1.1	200 OK	/ Show response t.dtscdn.com/widget/	0 407 B	1219ms 312ms	Script application/javascript	45.55.120.93 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://t.dtscdn.com/widget/?d=10401665765231554CAF5A5E553A3691&nid=300&p=836148727&t=0&s=1600x1200x24&u=http%3A%2F%2F107.189.29.134%2F&r= Requested by Host: e.dtscout.com URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/javascript; charset=UTF-8 Date Fri, 14 Oct 2022 16:42:22 GMT X-T 2.35 Cache-Control no-cache x-server web15.ny1.dtscdn.com Transfer-Encoding chunked Expires Fri, 14 Oct 2022 16:42:21 GMT
GET H2	200	e Show response a.dtssrv.com/	21 B 578 B	843ms 437ms	XHR application/json	172.64.202.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.dtssrv.com/e?i=10401665765231554CAF5A5E553A3691 Requested by Host: e.dtscout.com URL: http://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=http%3A%2F%2F107.189.29.134%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.202.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e16f66fcd951951a8118c8d6e2a5dcb5643520afc2f7dc0fa2034d8e735d8da0 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma cache date Fri, 14 Oct 2022 16:33:53 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-max-age 86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNaBZ51O2rnd%2FNsyBM2zSTiaZKhoJdS6iLxcXbx9zIgKHwB3ktFA%2Fv%2FlKMxJOq9OX0W%2FiLwQA5BOAmfNifQ7%2F25S3QRnzjZOpTvl7SAJN5fiMacq0N%2FXTx2iewXf3nI%3D"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin http://107.189.29.134 cache-control s-maxage=0 access-control-allow-credentials true cf-ray 75a1b825593e4601-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 14 Oct 2022 18:33:53 GMT
GET H2	200	33141 tags.bluekai.com/site/ Redirect Chain https://pixel.onaudience.com/?partner=137085098&mapped=10401665765231554CAF5A5E553A3691 https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m https://tags.bluekai.com/site/33141?&id=4e2a572df6d9032c	62 B 425 B	1276ms 620ms	Image image/gif	104.83.197.32 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/33141?&id=4e2a572df6d9032c Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Server 104.83.197.32 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-83-197-32.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Fri, 14 Oct 2022 16:33:55 GMT content-length 62 content-type image/gif Redirect headers location https://tags.bluekai.com/site/33141?&id=4e2a572df6d9032c content-length 0
GET H2	200	lotame-sync.html Show response cdn-tc.33across.com/ Frame E939	343 B 459 B	324ms 108ms	Document text/html	104.18.35.34 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-tc.33across.com/lotame-sync.html Requested by Host: de.tynt.com URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.35.34 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120 Request headers Referer http://107.189.29.134/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers age 243242 cache-control public, max-age=259200 cf-cache-status HIT cf-ray 75a1b82789c6a888-SYD content-encoding gzip content-type text/html date Fri, 14 Oct 2022 16:33:53 GMT etag W/"62d96946-157" expires Mon, 17 Oct 2022 16:33:53 GMT last-modified Thu, 21 Jul 2022 14:57:10 GMT server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=oUFZuWNJj3FPzbhPdRdWkA%3D%3D&us_privacy=&33random=1665765233420.1&cat=33across https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=oUFZuWNJj3FPzbhPdRdWkA%3D%3D&us_privacy=&33random=1665765233420.1&cat=33across https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmR2amVCbl93SHVwNmJ3M0tUT0dpUVBDN0RjMnVIRGFsSDk2alNLQ2VrZDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&... https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MmR2amVCbl93SHVwNmJ3M0tUT0dpUVBDN0RjMnVIRGFsSDk2alNLQ2VrZDA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=... https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEBoD6S2-KKDRbzPFJrAWlps&google_cver=1	70 B 440 B	200ms 199ms	Image image/gif	54.251.140.206 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEBoD6S2-KKDRbzPFJrAWlps&google_cver=1 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Date Fri, 14 Oct 2022 16:33:55 GMT Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers pragma no-cache date Fri, 14 Oct 2022 16:33:55 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEBoD6S2-KKDRbzPFJrAWlps&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 419 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ps.eyeota.net/pixel?pid=c9gd671&t=gif&uid=oUFZuWNJj3FPzbhPdRdWkA%3D%3D&us_privacy=&33random=1665765233420.3&cat=33across https://ps.eyeota.net/pixel/bounce/?pid=c9gd671&t=gif&uid=oUFZuWNJj3FPzbhPdRdWkA%3D%3D&us_privacy=&33random=1665765233420.3&cat=33across https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkViNElGSzdVU0x1YjhrZ2xkTnM5bC1aMTNJLWhzWU9aU1hNSDJXLWhwTGs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&... https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MkViNElGSzdVU0x1YjhrZ2xkTnM5bC1aMTNJLWhzWU9aU1hNSDJXLWhwTGs&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=... https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEPju25utxU9_fFT_vHE8sRM&google_cver=1	70 B 440 B	199ms 199ms	Image image/gif	54.251.140.206 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEPju25utxU9_fFT_vHE8sRM&google_cver=1 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Date Fri, 14 Oct 2022 16:33:55 GMT Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers pragma no-cache date Fri, 14 Oct 2022 16:33:55 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=1&dc_orig=c9gd671&referrer_pid=c9gd671&google_gid=CAESEPju25utxU9_fFT_vHE8sRM&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 419 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	t.dhj Show response t.sharethis.com/1/d/	2 KB 2 KB	1037ms 260ms	Script application/javascript	23.15.101.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6586342151754929&stid=ZGMAAmNJj3EAAAAIHDt5Aw%3D%3D Requested by Host: pd.sharethis.com URL: https://pd.sharethis.com/pd/dtscout Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.15.101.126 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-15-101-126.deploy.static.akamaitechnologies.com Software / Resource Hash ea971e470c6a154b788354fee66c88aaf5890b2311ab41bc16eaa11155f673dd Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:54 GMT Content-Encoding gzip X-Content-Type-Options nosniff Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Type application/javascript Cache-Control private, max-age=3600 Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 1363 Expires Fri, 14 Oct 2022 17:33:54 GMT
GET H/1.1	200 OK	dtscout pd.sharethis.com/pd/	42 B 265 B	387ms 387ms	Image image/gif	3.120.104.56 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pd.sharethis.com/pd/dtscout?_t_=px&url=http%3A%2F%2F107.189.29.134%2F&event_source=dtscout&rnd=0.6586342151754929&exptid=ZGMAAmNJj3EAAAAIHDt5Aw%3D%3D&fcmp=false Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.104.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-104-56.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:53 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif
GET H2	200	dataBeacons.min.js Show response data-beacons.s-onetag.com/	6 KB 2 KB	624ms 199ms	Script text/javascript	13.33.33.105 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://data-beacons.s-onetag.com/dataBeacons.min.js Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.105 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-105.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash 78009d649db9f062dc6e568dd4f35e634440b36534d063f788f465af1f3397d9 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id qV9NCsYZSqBrcH4UHbD8Pmp65zU2fPAA content-encoding gzip via 1.1 69b39b6769984cf063fcfceb47941eb6.cloudfront.net (CloudFront) date Fri, 14 Oct 2022 16:10:30 GMT last-modified Thu, 25 Aug 2022 05:23:07 GMT server AmazonS3 x-amz-cf-pop SIN2-P1 age 1405 etag W/"c0cf56fa6d8f9665d6e8f16542e3ba9e" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=3600 x-amz-cf-id pHH-NNM_AjPOFzIq9x2tRbM5_Tb-4OMfXFFbQS__fSCM0GDOMI2j5Q==
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16311/ Frame E939	29 KB 9 KB	215ms 215ms	Script text/javascript	54.192.150.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16311/sync.min.js Requested by Host: cdn-tc.33across.com URL: https://cdn-tc.33across.com/lotame-sync.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.150.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-150-36.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash 742451fdc2781b02e4d414c5cb363fe035e482856c13245e3c96c00872995d74 Request headers accept-language en-AU,en;q=0.9 Referer https://cdn-tc.33across.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 02:05:56 GMT content-encoding gzip via 1.1 b854b2dbed0b7eb7e4e055e04c5ae48a.cloudfront.net (CloudFront) last-modified Tue, 19 Jul 2022 18:06:21 GMT server AmazonS3 x-amz-cf-pop SIN2-C1 age 52079 x-amz-server-side-encryption AES256 etag W/"4a94b9a46316c2b68248813a2bc5fbd7" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age: 86400 x-amz-cf-id r4F0sm-Y9MvavH8BXZf-k-Br6atdYCghCjuJzM5MZJitNamPfRw-mA==
POST H2	200	map Show response bcp.crwdcntrl.net/6/ Frame E939	156 B 615 B	652ms 244ms	XHR application/json	18.136.4.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.136.4.3 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-136-4-3.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash b2b5116cf6839e528342d2d32165d73cff52cfe52967de861fa3c14a84909d5b Request headers Referer https://cdn-tc.33across.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 14 Oct 2022 16:33:54 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://cdn-tc.33across.com cache-control no-cache x-server 10.42.4.32 access-control-allow-credentials true content-length 156 expires 0
GET H/1.1	200 OK	v2 Show response ap.lijit.com/readerinfo/ Redirect Chain https://ap.lijit.com/readerinfo/v2 https://ap.lijit.com/readerinfo/v2?sovrn_retry=true	41 B 461 B	259ms 258ms	Fetch application/json	209.191.163.209 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS Software / Resource Hash 8abd1fc9759ed8b4defd8d8d6fba6468f9734772d2fbbd2dd6b46a2034fa2fde Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:55 GMT Content-Encoding gzip Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin http://107.189.29.134 Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap3sfo1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 61 Redirect headers Date Fri, 14 Oct 2022 16:33:55 GMT Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Access-Control-Allow-Origin http://107.189.29.134 Access-Control-Allow-Credentials true Connection close X-Sovrn-Pod ad_ap3sfo1 Access-Control-Allow-Headers X-Requested-With, Content-Type
GET H/1.1	200 OK	t_.htm Show response t.sharethis.com/a/ Frame 07D9 Redirect Chain http://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C	2 KB 1 KB	257ms 256ms	Document text/html	23.15.101.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C Requested by Host: t.sharethis.com URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.6586342151754929&stid=ZGMAAmNJj3EAAAAIHDt5Aw%3D%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.15.101.126 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-15-101-126.deploy.static.akamaitechnologies.com Software / Resource Hash ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers Referer http://107.189.29.134/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Cache-Control max-age=604800 Connection keep-alive Content-Encoding gzip Content-Length 1160 Content-Type text/html Date Fri, 14 Oct 2022 16:33:54 GMT Expires Fri, 21 Oct 2022 16:33:54 GMT Strict-Transport-Security max-age=2628000 ; includeSubDomains X-Robots-Tag noindex, nofollow Redirect headers Cross-Origin-Resource-Policy Cross-Origin Location https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C#cid=c010&cls=C&rnd=0.6586342151754929&stid=ZGMAAmNJj3EAAAAIHDt5Aw%253D%253D&tt=t.dhj&dhjLcy=1665765234625&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1065.23347&ell=d&cck=__stid&dmn=107.189.29.134&pn=%2F&qs=na&rdn=107.189.29.134&rpn=%2F&rqs=na&cc=AU&cont=OC&ipaddr= Non-Authoritative-Reason HSTS
GET H2	200	web-widget-6722-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	53 KB 15 KB	111ms 110ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-6722-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14fc5796e8e8cfe942719dc8d8ae6c6949a503ede9911b39789418b0dd22b116 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:54 GMT x-amz-version-id cNtPZ3Gv2Y8KiBhzgHiTWUc7qYWZlspw content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id V6Z3CK9WACSN28VY age 215287 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 Ie9lSnTu72Vr9BbYMjLd0Lp83rIBiIVbeZFW0xFKlR/iNWbXcx3WAyKjqIs9oY3a5lk5/7FE0Y8= last-modified Wed, 12 Oct 2022 04:22:34 GMT server cloudflare etag W/"1040e76228e0ab9931172fab787ca2f2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVWITJsHj58KK7eQ2n2y48Bfpw0KWUddEu5BBmTNArRC7Ba0Y00RnOFW6kPTvJkO1RShLSR3KB3L6LzyvVMdpez8T1fNn%2BTJE81OSS8J7QuOe9uyIIiUgLmVif6%2Fpuv2RTHcIz4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b82e283ca974-SYD expires Thu, 12 Oct 2023 04:22:33 GMT
GET H2	200	embeds-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/web-widget-lazy/ Frame F242	93 KB 22 KB	112ms 112ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-lazy/embeds-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 536fae77e7e3cd431379b62084899aa6c89f9b0fbf5df9eaf92246350a4c6112 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:54 GMT x-amz-version-id eD.Wnr09nilZH7MQ18wLSlh4wm32qda8 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id B64C2X0BDKAC18J3 age 215288 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 oBrLGkXRp1zIjLeMeAP5YDeDCdcoLKzS4d8OtI9BcO8e6jbCsJn2KqgNAs673ZFbAGbZMO34Gb0= last-modified Wed, 12 Oct 2022 04:22:34 GMT server cloudflare etag W/"dc5d995007476e97c6b1eedbb0b92b15" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4QZ3bBqNeLdJSETOG7JftO%2FaH16X9NoMvUYZVTuCpOlBdriOXYHkQnCF1AAPBSHwSer8aPsyEDDlY0gzDfgP9%2Bdd3PXYpHDSSsgf9gKDmB2xPhvlUe4iLUqHt7nVbm4sIC9seg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b82e283da974-SYD expires Thu, 12 Oct 2023 04:22:32 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	194ms 193ms	Image image/gif	142.251.12.101 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&a=320038816&t=event&_s=3&dl=http%3A%2F%2F107.189.29.134%2F&ul=en-us&de=UTF-8&dt=Prediksi%20HK%20Jitu%20Malam%20Hari%20Ini&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Zendesk%20Web%20Widget&ea=Chat%20Opened&_u=aFBAAUABAAAAACAAI~&jid=&gjid=&cid=28606243.1665765230&tid=UA-159054847-17&_gid=1119233769.1665765230&gtm=2ouaa0&z=513024482 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.12.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f101.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 14 Oct 2022 10:00:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 23609 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	195ms 195ms	Image image/gif	142.251.12.101 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&a=320038816&t=event&_s=4&dl=http%3A%2F%2F107.189.29.134%2F&ul=en-us&de=UTF-8&dt=Prediksi%20HK%20Jitu%20Malam%20Hari%20Ini&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Zendesk%20Web%20Widget&ea=Chat%20Shown&_u=aFBAAUABAAAAACAAI~&jid=&gjid=&cid=28606243.1665765230&tid=UA-159054847-17&_gid=1119233769.1665765230&gtm=2ouaa0&z=1122884798 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.12.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f101.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 14 Oct 2022 10:00:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 23609 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	194ms 194ms	Image image/gif	142.251.12.101 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j98&a=320038816&t=event&_s=5&dl=http%3A%2F%2F107.189.29.134%2F&ul=en-us&de=UTF-8&dt=Prediksi%20HK%20Jitu%20Malam%20Hari%20Ini&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Zendesk%20Web%20Widget&ea=Web%20Widget%20Opened&_u=aFBAAUABAAAAACAAI~&jid=&gjid=&cid=28606243.1665765230&tid=UA-159054847-17&_gid=1119233769.1665765230&gtm=2ouaa0&z=112355339 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.12.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f101.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 14 Oct 2022 10:00:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 23609 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	t_.js Show response t.sharethis.com/1.1065.23347/a/AU/ Frame 2E37	20 KB 9 KB	280ms 279ms	Script text/javascript	23.15.101.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://t.sharethis.com/1.1065.23347/a/AU/t_.js?cid=c010&cls=C Requested by Host: t.sharethis.com URL: https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.15.101.126 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-15-101-126.deploy.static.akamaitechnologies.com Software / Resource Hash 57f461d70ea6aa694687fb33c4ee5987c2f4f45122ad378406920842dfad3d18 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:55 GMT Content-Encoding gzip Strict-Transport-Security max-age=2628000 ; includeSubDomains Content-Type text/javascript Cache-Control max-age=604800 Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 8748 Expires Fri, 21 Oct 2022 16:33:55 GMT
GET H2	200	web-widget-6136-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	182 KB 45 KB	114ms 114ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-6136-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ba2a7cb2da4a93520a406a3367f4c23b317893261684377f6cf43f59db241bc Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:55 GMT x-amz-version-id AsnTrN4gbMRE7u_MjyfMuXQeUSZ8zHAx content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 2V257XY55EMQDQ6K age 215287 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 LHMrtnVII9stiYRrEdMubWmv/LGvOXN7AkspMcEOqVPdGKM1a9wjJG1qCOLvX75cNv9zwrnVZrc= last-modified Wed, 12 Oct 2022 04:22:33 GMT server cloudflare etag W/"a6f61b6e11f1ddcf5e833483807230e5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlXjfFVyoKyrZ0djR3pLYRSac4tMqGNGX0VTzGS5f4NatI%2FRIFdPsd6DMLu%2Bm9emFj%2BkRP3K43AeJ4c%2BB00whqC05HNrxBUyKprA8pZyG%2Bi1C5UTqvLs7ev3M%2Bmvl42Ev%2FzyYwc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b82f18a2a974-SYD expires Thu, 12 Oct 2023 04:22:32 GMT
GET H2	200	web-widget-7566-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	122 KB 35 KB	120ms 119ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-7566-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f42f9b67cfbb7eb03a393145825a4afc2029942f447746bbe877ce277c2170fb Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:55 GMT x-amz-version-id SpZf0635IFHn5s0TRzna_fXVbULto8lw content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 2V2F2FJCFXFRWG3P age 215287 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 OIOpAKCuVaZG8/ebUcCYLeUAKaOnKRoBYS583jZdia1it4wMS2XgKrRzxo1XmNmScUbEjFSqPXI= last-modified Wed, 12 Oct 2022 04:22:33 GMT server cloudflare etag W/"bd5b80e4e9d0a0ea00a329efd6272af7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTcRQa5SWg6WSzI1bYbEYsrizqGtC2%2FcqK5zHMHfV66jzIYAmPfW4RbAQERQ6Pm5u0e5kyzWHvPv8d8OHuE8lY2%2BBdK2Dfp6O5ueuUHAKWYLR1bxM10kfvomblw9QN7%2F0dydrr4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b82f18a3a974-SYD expires Thu, 12 Oct 2023 04:22:32 GMT
GET H2	200	web-widget-2178-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	36 KB 11 KB	110ms 110ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-2178-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e2574202ad7c585a98d34ef889f990d90ef0a9d88445e4bc02c910a82e0f56a Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:55 GMT x-amz-version-id HrYnCYD__mess29o1c7XlgJNra6jEjjf content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id 2V2C84H7T2NTA71J age 215287 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 fZYvWTwW60a3JmFspjL67xCAiwM0uNdiVJ4dmmTxwb4ZVJgxnUX2Y6CPPC0Q3X78/OQ0IkJGCQ8= last-modified Wed, 12 Oct 2022 04:22:33 GMT server cloudflare etag W/"21377ab302ded8888bb93998183deaad" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIil8oCqxViZShzuhj3sXrolQVPOwuLoab5ZOeMeUjuDokvz7KvkGm9rtVah1xeFgHS%2BdaNPgQlfkKWfgtIy2BR43NrKvGSjKEvST6pySHpwGNqZXeWAHphjF8NDBikKlcW9GB0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b82f18a4a974-SYD expires Thu, 12 Oct 2023 04:22:32 GMT
GET H2	200	web-widget-5641-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	26 KB 12 KB	110ms 110ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-5641-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66cacea9ebc8a19c4fd7c129c25bad84d3852289640d28a3920f3f765a97efb7 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:55 GMT x-amz-version-id kV1cQFH340SFa59HFNR6mYnfBdWSgbxp content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id B9X4DVVMTH0TGEGM age 215286 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 Y6UL/BasnqppEAKDBaYhZkyom87Gj/SSu9mpay2Vo+qrQG/4xnioG6WdA/p16C/9y4qMor9P0CU= last-modified Wed, 12 Oct 2022 04:22:33 GMT server cloudflare etag W/"fd101171b1f8048af2e5ba4020b3e7dd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXptcNC%2FbcHKfyrwfKPLXChKVFIGnRrJNEonVFBPczcjY%2FUg9Ph9GpgBnJrL3f41osfmOH7RRl%2FBn3cZo8z0RfXeJcKtedtsQhqvadaq1zP2vbd4lYgHbAKMyai%2FcnCcDlA8VPA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b82f18a5a974-SYD expires Thu, 12 Oct 2023 04:22:32 GMT
GET H2	200	web-widget-8837-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	33 KB 9 KB	120ms 120ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-8837-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a881680be6205141f5e1e090027c7fe8ddb22110196a85dfca651875f91f276e Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:55 GMT x-amz-version-id oNbrGZ.fRjmtk3I7oWGwhf8DXyuYO3x8 content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id B9XF4F66SX98PPRS age 215286 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 UQ9DbPNURqKqZT9QSWP1xbk4Nto09NzqkBwxr21Xez1JwU4303g0GY1R9Yw3BmBxButsWRZ13zE= last-modified Wed, 12 Oct 2022 04:22:34 GMT server cloudflare etag W/"6c7bd67a03bafbc0f7d20444f7214365" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwI1F6eas21Jml0fM4c7P4bpKa7TdDhQIyU6%2Firdvw8DaU39DLcuLDnvDrbZSfoT7ndVayc1asahhMHozwjIFhZehmxeyssZB5KCHIvhineQu2%2Bw0NHYfpaq1MRDhR6ug%2B%2B77LI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b82f18a8a974-SYD expires Thu, 12 Oct 2023 04:22:33 GMT
GET H2	200	web-widget-9033-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/ Frame F242	47 KB 13 KB	116ms 116ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-9033-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e416a3f466a8d0e3360263d9b7664491868531e1621e4d0930fc0911c175439f Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:55 GMT x-amz-version-id RNAOOsdmU4w2z8JVMXkJZpa2nVekV.5X content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id B9X1BB46ESHFV14C age 215286 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 KUBH5M5Tex4trgmuEAWzxG5SlwYLWSHyrCP4pDldgAxg1MineD7uDGjg9ZaChspUm9pf1Wrf+LY= last-modified Wed, 12 Oct 2022 04:22:34 GMT server cloudflare etag W/"861ff40ea00c5bece3cddd9a47e4be0f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBoMxY9TLHAf95UfomxwMNdkYNTgBk355Oa4Wx7kla8PjW4gP4Ja4ItULctOP%2Fghy0eNSt93Ws%2Fh1hjsVKqeM%2BE63l3nNVIKFTFPhLU1H77vL5VMSu%2BQDNoJ0w8vQQUV8WDHJ7g%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b82f18a9a974-SYD expires Thu, 12 Oct 2023 04:22:33 GMT
GET H2	200	chat-de934ba.js Show response static.zdassets.com/web_widget/latest/classic/web-widget-lazy/ Frame F242	230 KB 45 KB	121ms 121ms	Script application/javascript	104.18.70.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.zdassets.com/web_widget/latest/classic/web-widget-lazy/chat-de934ba.js Requested by Host: static.zdassets.com URL: https://static.zdassets.com/web_widget/latest/classic/web-widget-classic-de934ba.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.70.113 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1562a4fcbb718c278ace264e476a8f67d3f4a73fbbe9f9161399cc68bc9967e8 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:55 GMT x-amz-version-id tG4bhAQs6E_4MopRd1fORxrZchB3UiPS content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=0 x-amz-request-id B9X11E9702A4S2FF age 215286 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 BnKL2NmqfxKrwDkQO5hxNuwYMvAWpjSe8Suqhr56Erj/m/MdyfgHVllHqvno/D2xRy2+g5Ed+mQ= last-modified Wed, 12 Oct 2022 04:22:34 GMT server cloudflare etag W/"865397af4f5166a957f2f445aa67735d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMW5qI%2BPzmnFbTlNsxKm28ROfZEfgkNQc%2BDbtCaLWu0WLgTptafa08VPRPXh4Bg5ijRBLS80YR4Zkjqnqx%2BUT1F4EVftxdTSx2ZnKKT67%2Fo9M45DDBr74hJLk8Ily4Z%2BQ9rDbbg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 75a1b82f18aba974-SYD expires Thu, 12 Oct 2023 04:22:32 GMT
GET H2	200	uDKTIGeaIACQuKN5LsJpnPJEg7Im4czd-concierge v2assets.zopim.io/ Frame 7AF8	34 KB 34 KB	1599ms 1599ms	Image image/jpeg	104.18.204.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://v2assets.zopim.io/uDKTIGeaIACQuKN5LsJpnPJEg7Im4czd-concierge?1593453786846 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.18.204.90 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02d37b60c729c42f883275540e011dda4223033ab23586eb3f3013dd94066232 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:56 GMT x-amz-version-id null cf-cache-status MISS x-amz-request-id REWF5SN4NFG2V7TP x-amz-server-side-encryption AES256 content-length 34466 x-amz-id-2 alUCS/0aUOzFI+xi2e0o9hdXV1y702S0w/XdekaVAjAgQzNPYekoDKESdP2WdSalbZPjIfk8dsU= last-modified Mon, 29 Jun 2020 18:03:09 GMT server cloudflare etag "d320931da79d0d6e0a6cd974a8e7bc2a" vary Accept-Encoding content-type image/jpeg cache-control public, max-age=86400 accept-ranges bytes x-robots-tag none, noarchive cf-ray 75a1b830b9a56a4b-SYD expires Sat, 15 Oct 2022 16:33:56 GMT
GET H/1.1	200 OK	test_oracle Show response pd.sharethis.com/pd/ Frame B8BA	438 B 675 B	387ms 387ms	Script application/javascript	3.120.104.56 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pd.sharethis.com/pd/test_oracle Requested by Host: t.sharethis.com URL: https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.104.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-104-56.eu-central-1.compute.amazonaws.com Software / Resource Hash 19e0184f8f5cab7a7bee06d90cced7596cfc6bb894156dff7536701cb593b87a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:55 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive X-Robots-Tag noindex, nofollow Content-Length 438 Content-Type application/javascript
GET H/1.1	200 OK	ttd sync.sharethis.com/ Frame 2E37 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= https://sync.sharethis.com/ttd?uid=acf2fea3-68e2-43d3-ba79-520f10ef9b00&gdpr=0&gdpr_consent=	42 B 297 B	1546ms 392ms	Image image/gif	18.196.212.55 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/ttd?uid=acf2fea3-68e2-43d3-ba79-520f10ef9b00&gdpr=0&gdpr_consent= Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-212-55.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:57 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZGMAAmNJj3EAAAAIHDt5Aw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers pragma no-cache date Fri, 14 Oct 2022 16:33:55 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://sync.sharethis.com/ttd?uid=acf2fea3-68e2-43d3-ba79-520f10ef9b00&gdpr=0&gdpr_consent= content-type text/html cache-control private,no-cache, must-revalidate content-length 215
GET H/1.1	200 OK	nlsn sync.sharethis.com/ Frame 2E37 Redirect Chain https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent= https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=&xl8blockcheck=1 https://sync.sharethis.com/nlsn?uid=f2692dbf6972a1e5d40e1886122f30a6	42 B 297 B	1036ms 384ms	Image image/gif	18.196.212.55 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/nlsn?uid=f2692dbf6972a1e5d40e1886122f30a6 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-212-55.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:57 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZGMAAmNJj3EAAAAIHDt5Aw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers date Fri, 14 Oct 2022 16:33:56 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://sync.sharethis.com/nlsn?uid=f2692dbf6972a1e5d40e1886122f30a6 content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H/1.1	200 OK	eyeota sync.sharethis.com/ Frame 2E37 Redirect Chain https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= https://sync.sharethis.com/eyeota?uid=2OhMasIx5fdWkicOI6J7cA2pVAh8_PZq-nCwesNhslqI&gdpr=0&gdpr_consent=	42 B 297 B	1543ms 382ms	Image image/gif	18.196.212.55 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/eyeota?uid=2OhMasIx5fdWkicOI6J7cA2pVAh8_PZq-nCwesNhslqI&gdpr=0&gdpr_consent= Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-212-55.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:56 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZGMAAmNJj3EAAAAIHDt5Aw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers Location https://sync.sharethis.com/eyeota?uid=2OhMasIx5fdWkicOI6J7cA2pVAh8_PZq-nCwesNhslqI&gdpr=0&gdpr_consent= Date Fri, 14 Oct 2022 16:33:55 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H3	200	csync.ashx ml314.com/ Frame 2E37 Redirect Chain https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGMAAmNJj3EAAAAIHDt5Aw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D https://idsync.rlcdn.com/395886.gif?partner_uid=3630750290947342342 https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzYzMDc1MDI5MDk0NzM0MjM0MhAAGg0I9J6mmgYSBQjoBxAAQgBKAA https://ml314.com/csync.ashx?fp=a282d1d39606363341176474a5f758a4cef4857000d74ae68ad8421eef920ec4f4cb09cee1a4f8eb&person_id=3630750290947342342&eid=50082	43 B 60 B	317ms 113ms	Image image/gif	34.111.234.236 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://ml314.com/csync.ashx?fp=a282d1d39606363341176474a5f758a4cef4857000d74ae68ad8421eef920ec4f4cb09cee1a4f8eb&person_id=3630750290947342342&eid=50082 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol H3 Server 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 236.234.111.34.bc.googleusercontent.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 14 Oct 2022 16:33:56 GMT via 1.1 google server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type image/gif cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Sat, 15 Oct 2022 12:33:56 GMT Redirect headers date Fri, 14 Oct 2022 16:33:56 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://ml314.com/csync.ashx?fp=a282d1d39606363341176474a5f758a4cef4857000d74ae68ad8421eef920ec4f4cb09cee1a4f8eb&person_id=3630750290947342342&eid=50082 cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H/1.1	200 OK	oracle sync.sharethis.com/ Frame 2E37 Redirect Chain https://tags.bluekai.com/site/59574?id=ZGMAAmNJj3EAAAAIHDt5Aw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957	42 B 297 B	1378ms 383ms	Image image/gif	18.196.212.55 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 18.196.212.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-212-55.eu-central-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:57 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZGMAAmNJj3EAAAAIHDt5Aw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif Redirect headers location https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957 date Fri, 14 Oct 2022 16:33:55 GMT content-length 0 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	502 Bad Gateway	59074 i6.liadm.com/s/ Redirect Chain https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0&rnd=98667 https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0&rnd=98667&_li_chk=true&previous_uuid=0523b34b4a1d4e2eb243377b4a48e690 https://i6.liadm.com/s/59074?bidder_id=204553&rnd=98667&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0	0 0	925ms 309ms	Image text/html	52.54.149.65 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://i6.liadm.com/s/59074?bidder_id=204553&rnd=98667&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 52.54.149.65 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-54-149-65.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers Location https://i6.liadm.com/s/59074?bidder_id=204553&rnd=98667&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0 Date Fri, 14 Oct 2022 16:33:56 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 0 Request-Time 8
GET H/1.1	200 OK	merge ce.lijit.com/ Redirect Chain https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=FewBDSZHwjUIXLmbQQKpY7h0&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra... https://p.adsymptotic.com/d/px/?_pid=15697&_psign=0a885fb568701ac53478d88866a10345&_pu&_puuid=FewBDSZHwjUIXLmbQQKpY7h0&_redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5014%263pid%3D${UUID}&_ra... https://ce.lijit.com/merge?pid=5014&3pid=56468504a6eb46275e40143d79e7f9a7	43 B 682 B	757ms 260ms	Image image/gif	209.191.163.210 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=5014&3pid=56468504a6eb46275e40143d79e7f9a7 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 14 Oct 2022 16:33:56 GMT P3P CP="CUR ADM OUR NOR STA NID" Content-Type image/gif Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap4sfo1 Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers location https://ce.lijit.com/merge?pid=5014&3pid=56468504a6eb46275e40143d79e7f9a7 date Fri, 14 Oct 2022 16:33:56 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 75a1b8362bf1a82c-SYD content-length 0 p3p CP='NON DSP COR CONi OUR BUS CNT'
GET H/1.1	200 OK	merge ce.lijit.com/ Redirect Chain https://um.simpli.fi/lj_match?r=99546 https://ce.lijit.com/merge?pid=2&3pid=36191B24892D488F8F7562445527E23E	43 B 679 B	793ms 278ms	Image image/gif	209.191.163.210 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=2&3pid=36191B24892D488F8F7562445527E23E Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 14 Oct 2022 16:33:56 GMT P3P CP="CUR ADM OUR NOR STA NID" Content-Type image/gif Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap4sfo1 Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers date Fri, 14 Oct 2022 16:33:56 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://ce.lijit.com/merge?pid=2&3pid=36191B24892D488F8F7562445527E23E access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Thu, 13 Oct 2022 16:33:56 GMT
GET		57333 i6.liadm.com/s/ Redirect Chain https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0&rnd=61561 https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0&rnd=61561&_li_chk=true&previous_uuid=6c30cb717ac44f72ab615393b9064873 https://i6.liadm.com/s/57333?bidder_id=204553&rnd=61561&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0	0 0
GET H2	200	Portal.html Show response get.s-onetag.com/underground-sync-portal/ Frame C808	85 B 479 B	198ms 197ms	Document text/html	13.33.33.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/underground-sync-portal/Portal.html Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-16.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f Request headers Referer http://107.189.29.134/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers accept-ranges bytes age 417134 cache-control max-age=864000 content-length 85 content-type text/html date Sun, 09 Oct 2022 20:41:42 GMT etag "131a68f1a3ad405d816af56e04b93481" last-modified Mon, 24 Aug 2020 10:07:31 GMT server AmazonS3 vary Accept-Encoding via 1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront) x-amz-cf-id Datsu4dcq2fOMF0JwRxT13sne7xJXqEPB-R0liApMVahuOVIe6bUfg== x-amz-cf-pop SIN2-P1 x-amz-version-id DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu x-cache Hit from cloudfront
GET H2	200	Portal.js Show response get.s-onetag.com/underground-sync-portal/ Frame C808	766 B 1 KB	198ms 196ms	Script text/javascript	13.33.33.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/underground-sync-portal/Portal.js Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/underground-sync-portal/Portal.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-16.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f Request headers accept-language en-AU,en;q=0.9 Referer https://get.s-onetag.com/underground-sync-portal/Portal.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 09 Oct 2022 15:22:21 GMT x-amz-version-id 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5 via 1.1 54d4d00f5a92073c1a23e29f92000462.cloudfront.net (CloudFront) last-modified Mon, 24 Aug 2020 10:07:19 GMT server AmazonS3 x-amz-cf-pop SIN2-P1 age 436295 etag "145e495d0d92a3c8fd975bfe5485b72c" x-cache Hit from cloudfront content-type text/javascript cache-control max-age=864000 accept-ranges bytes content-length 766 x-amz-cf-id lu66fCzjJCIt8UHE07yPXgLlUEDWK_QHB_Z2-cSjRpnNKds7DgeNQw==
GET H2	200	bk-coretag.js Show response tags.bkrtx.com/js/ Frame B8BA	51 KB 16 KB	1226ms 404ms	Script application/javascript	23.44.17.12 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://tags.bkrtx.com/js/bk-coretag.js Requested by Host: pd.sharethis.com URL: https://pd.sharethis.com/pd/test_oracle Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.44.17.12 Jakarta, Indonesia, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-44-17-12.deploy.static.akamaitechnologies.com Software nginx/1.15.8 / Resource Hash 88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding gzip date Fri, 14 Oct 2022 16:33:56 GMT last-modified Fri, 21 May 2021 19:14:21 GMT server nginx/1.15.8 etag W/"60a8068d-cbc2" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 content-length 16078 expires Fri, 21 Oct 2022 16:33:56 GMT
GET H/1.1	200 OK	merge ce.lijit.com/ Redirect Chain https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=FewBDSZHwjUIXLmbQQKpY7h0/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} https://ce.lijit.com/merge?pid=5001&3pid=82d4ce5ec5571d8ac943ec68556a4752	43 B 682 B	779ms 261ms	Image image/gif	209.191.163.210 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=5001&3pid=82d4ce5ec5571d8ac943ec68556a4752 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 209.191.163.210 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 14 Oct 2022 16:33:56 GMT P3P CP="CUR ADM OUR NOR STA NID" Content-Type image/gif Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 X-Sovrn-Pod ad_ap4sfo1 Content-Length 43 Expires Fri, 20 Mar 2009 00:00:00 GMT Redirect headers pragma no-cache date Fri, 14 Oct 2022 16:33:55 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://ce.lijit.com/merge?pid=5001&3pid=82d4ce5ec5571d8ac943ec68556a4752 cache-control no-cache x-server 10.42.12.119 content-length 0 expires 0
GET H/1.1	200 OK	pixel Show response ps.eyeota.net/	845 B 1 KB	310ms 199ms	Script application/javascript	54.251.140.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0 Requested by Host: data-beacons.s-onetag.com URL: https://data-beacons.s-onetag.com/dataBeacons.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com Software / Resource Hash a3b1d3862cd284e1a2803825699e0c84c69c757d9717441b75572fb3fda5617d Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/javascript Date Fri, 14 Oct 2022 16:33:56 GMT Content-Length 845 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
GET H/1.1	200 OK	sovrn_standalone_beacon.js Show response ap.lijit.com/www/sovrn_beacon_standalone/	6 KB 3 KB	261ms 260ms	Script text/javascript	209.191.163.209 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js Requested by Host: data-beacons.s-onetag.com URL: https://data-beacons.s-onetag.com/dataBeacons.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS Software nginx / Resource Hash 7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 14 Oct 2022 16:33:55 GMT Content-Encoding gzip Last-Modified Tue, 07 Apr 2020 20:06:40 GMT Server nginx ETag W/"5e8cdd50-17e9" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/javascript Access-Control-Allow-Methods GET Cache-Control max-age=604800, must-revalidate Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap3sfo1 X-Robots-Tag noindex Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type Expires Fri, 21 Oct 2022 16:33:55 GMT
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= https://ps.eyeota.net/match?uid=acf2fea3-68e2-43d3-ba79-520f10ef9b00&bid=1e2n4ou	70 B 440 B	205ms 204ms	Image image/gif	54.251.140.206 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=acf2fea3-68e2-43d3-ba79-520f10ef9b00&bid=1e2n4ou Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Date Fri, 14 Oct 2022 16:33:56 GMT Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers pragma no-cache date Fri, 14 Oct 2022 16:33:56 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://ps.eyeota.net/match?uid=acf2fea3-68e2-43d3-ba79-520f10ef9b00&bid=1e2n4ou content-type text/html cache-control private,no-cache, must-revalidate content-length 191
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&referrer_pid=51md42u https://d8741087004620656899-t4256678847733387263.id.amgdgt.com/r/telco/tuid/4256678847733387263/duid/8741087004620656899/url/https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D1mpjpn0%26turn_id%3D4256678... https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4256678847733387263&newuser=1&referrer_pid=51md42u	70 B 440 B	203ms 203ms	Image image/gif	54.251.140.206 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4256678847733387263&newuser=1&referrer_pid=51md42u Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Date Fri, 14 Oct 2022 16:33:58 GMT Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=4256678847733387263&newuser=1&referrer_pid=51md42u Pragma no-cache Date Fri, 14 Oct 2022 16:33:57 GMT Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Strict-Transport-Security max-age=15768000 Content-Length 0 P3P policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=Y0mPdAAAR0sfIQAr https://ps.eyeota.net/match?uid=Y0mPdAAAR0sfIQAr&bid=0rijhbu&referrer_pid=51md42u&_test=Y0mPdAAAR0sfIQAr	70 B 440 B	201ms 201ms	Image image/gif	54.251.140.206 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=Y0mPdAAAR0sfIQAr&bid=0rijhbu&referrer_pid=51md42u&_test=Y0mPdAAAR0sfIQAr Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Date Fri, 14 Oct 2022 16:33:57 GMT Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers x-served-by cache-syd10133-SYD pragma no-cache date Fri, 14 Oct 2022 16:33:56 GMT via 1.1 varnish server Varnish x-timer S1665765237.950235,VS0,VE0 x-cache HIT location https://ps.eyeota.net/match?uid=Y0mPdAAAR0sfIQAr&bid=0rijhbu&referrer_pid=51md42u&_test=Y0mPdAAAR0sfIQAr cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fps.eyeota.net%252Fmatch%253Fuid%253D%2524UID%2526bid%253D2cr76e1%2526referrer_pid%253D51md42u https://ps.eyeota.net/match?uid=2042877780176219891&bid=2cr76e1&referrer_pid=51md42u	70 B 440 B	199ms 198ms	Image image/gif	54.251.140.206 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=2042877780176219891&bid=2cr76e1&referrer_pid=51md42u Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Date Fri, 14 Oct 2022 16:33:57 GMT Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Pragma no-cache Date Fri, 14 Oct 2022 16:33:57 GMT AN-X-Request-Uuid 43c847c7-7a68-4a4c-9d4a-68b85de1c235 Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Location https://ps.eyeota.net/match?uid=2042877780176219891&bid=2cr76e1&referrer_pid=51md42u Connection keep-alive X-Proxy-Origin 173.245.209.117; 173.245.209.117; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	match ps.eyeota.net/ Redirect Chain https://dpm.demdex.net/ibs:dpid=30064&dpuuid=183d7585669-4f82000001085792&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3D51md42u https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=30064&dpuuid=183d7585669-4f82000001085792&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D6j5b2cv%26uid%3D%24%7BDD_UUID%7D%26referrer_pid%3D5... https://ps.eyeota.net/match?bid=6j5b2cv&uid=46027895164635226253313076383168302721&referrer_pid=51md42u	70 B 440 B	199ms 199ms	Image image/gif	54.251.140.206 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?bid=6j5b2cv&uid=46027895164635226253313076383168302721&referrer_pid=51md42u Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Server 54.251.140.206 Singapore, Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-251-140-206.ap-southeast-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers accept-language en-AU,en;q=0.9 Referer http://107.189.29.134/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Date Fri, 14 Oct 2022 16:33:57 GMT Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers DCS dcs-prod-usw2-2-v040-0f67b974c.edge-usw2.demdex.com 12 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID ZaKMtQACTEA= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://ps.eyeota.net/match?bid=6j5b2cv&uid=46027895164635226253313076383168302721&referrer_pid=51md42u Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	59574 Show response stags.bluekai.com/site/ Frame D79D	62 B 574 B	515ms 505ms	Document image/gif	104.83.197.32 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGMAAmNJj3EAAAAIHDt5Aw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1065.23347%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1065.23347%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=94324862 Requested by Host: tags.bkrtx.com URL: https://tags.bkrtx.com/js/bk-coretag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.83.197.32 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-83-197-32.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Referer https://t.sharethis.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers content-length 62 content-type image/gif date Fri, 14 Oct 2022 16:33:57 GMT p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H/1.1	204 No Content	a.gif t.sharethis.com/d/ Frame 2E37	0 289 B	274ms 274ms	Image text/plain	23.15.101.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGMAAmNJj3EAAAAIHDt5Aw%253D%253D&tt=t.dhj&dhjLcy=1665765234625&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1065.23347&ell=d&cck=__stid&dmn=107.189.29.134&pn=%2F&qs=na&rdn=107.189.29.134&rpn=%2F&rqs=na&cc=AU&cont=OC&evid=5pFWXPYA6IsmIh6PNW72&urls=!1!1979!b-13j,!1!2147!b-13h,!1!1768!b-14s,!1!0!b-14t,!1!1613!b-150,!1!1991!b-16f&rnd=1665765238334&cid=c010&version=1.1065.23347&cc=AU&cont=OC&cls=C&repeat=0&htmLcy=411 Requested by Host: 107.189.29.134 URL: http://107.189.29.134/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.15.101.126 Singapore, Singapore, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-15-101-126.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=2628000 ; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://t.sharethis.com/a/t_.htm?ver=1.1065.23347&cid=c010&cls=C User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 14 Oct 2022 16:33:58 GMT Cache-Control max-age=0, no-cache, no-store Strict-Transport-Security max-age=2628000 ; includeSubDomains Connection keep-alive X-Robots-Tag noindex, nofollow Expires Fri, 14 Oct 2022 16:33:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

i6.liadm.com

URL

https://i6.liadm.com/s/57333?bidder_id=204553&rnd=61561&bidder_uuid=FewBDSZHwjUIXLmbQQKpY7h0