sky.pasukanantidepo.shop Open in urlscan Pro
2606:4700:3034::ac43:9ed3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sky.pasukanantidepo.shop/
Submission: On January 21 via api (January 21st 2024, 12:04:29 am UTC) from US — Scanned from US

Summary HTTP 1765 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 81 IPs in 8 countries across 105 domains to perform 1765 HTTP transactions. The main IP is 2606:4700:3034::ac43:9ed3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sky.pasukanantidepo.shop.
TLS certificate: Issued by E1 on December 1st 2023. Valid for: 3 months.

This is the only time sky.pasukanantidepo.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3034::ac43:9ed3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 13	2606:4700:303... 2606:4700:3031::ac43:b058	13335 (CLOUDFLAR...) (CLOUDFLARENET)
138	192.0.72.23 192.0.72.23	2635 (AUTOMATTIC) (AUTOMATTIC)
22	149.56.240.127 149.56.240.127	16276 (OVH) (OVH)
3	2607:f8b0:400... 2607:f8b0:4006:807::2001	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3032::ac43:d74f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 10	2606:4700:303... 2606:4700:3037::ac43:b044	13335 (CLOUDFLAR...) (CLOUDFLARENET)
78	2606:4700:10:... 2606:4700:10::6814:5063	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3033::6815:51c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	149.56.240.128 149.56.240.128	16276 (OVH) (OVH)
77	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
106	18.238.55.108 18.238.55.108	16509 (AMAZON-02) (AMAZON-02)
31	18.224.111.247 18.224.111.247	16509 (AMAZON-02) (AMAZON-02)
1	172.64.153.173 172.64.153.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	18.173.132.31 18.173.132.31	16509 (AMAZON-02) (AMAZON-02)
2	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
60	23.44.203.90 23.44.203.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
12	2606:4700:303... 2606:4700:3035::6815:5055	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	108.138.128.46 108.138.128.46	16509 (AMAZON-02) (AMAZON-02)
38	2606:4700:20:... 2606:4700:20::681a:d3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10 13	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::6816:3362	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
38	108.139.29.87 108.139.29.87	16509 (AMAZON-02) (AMAZON-02)
2 2	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
7 15	104.126.112.185 104.126.112.185	16625 (AKAMAI-AS) (AKAMAI-AS)
4 11	50.16.174.192 50.16.174.192	14618 (AMAZON-AES) (AMAZON-AES)
15 15	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 38	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	54.92.184.169 54.92.184.169	14618 (AMAZON-AES) (AMAZON-AES)
11 11	68.67.179.153 68.67.179.153	29990 (ASN-APPNEX) (ASN-APPNEX)
5 5	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.199.184.22 34.199.184.22	14618 (AMAZON-AES) (AMAZON-AES)
1	3.222.158.117 3.222.158.117	14618 (AMAZON-AES) (AMAZON-AES)
4 6	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
45	85.187.128.38 85.187.128.38	55293 (A2HOSTING) (A2HOSTING)
1 1	2606:4700:303... 2606:4700:3031::6815:6083	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.21.33.16 52.21.33.16	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
17	2606:4700:303... 2606:4700:3030::ac43:a16f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 40	63.251.86.51 63.251.86.51	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 4	18.116.4.103 18.116.4.103	16509 (AMAZON-02) (AMAZON-02)
1 4	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
1 3	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.19.130.8 2.19.130.8	16625 (AKAMAI-AS) (AKAMAI-AS)
37	34.193.241.34 34.193.241.34	14618 (AMAZON-AES) (AMAZON-AES)
29	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
51	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
34	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
36	13.226.34.62 13.226.34.62	16509 (AMAZON-02) (AMAZON-02)
12	2606:4700:303... 2606:4700:3033::ac43:c223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
30 84	107.21.138.225 107.21.138.225	14618 (AMAZON-AES) (AMAZON-AES)
6 6	13.225.63.4 13.225.63.4	16509 (AMAZON-02) (AMAZON-02)
3 3	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
15 448	172.96.191.134 172.96.191.134	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
34 34	35.236.220.17 35.236.220.17	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
35	63.251.86.50 63.251.86.50	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3 3	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
1	2600:1f18:ed:... 2600:1f18:ed:550a:ac77:9c63:d66e:ebeb	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:303... 2606:4700:3033::6815:e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 33	34.234.61.205 34.234.61.205	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
12 12	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
5 5	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
22 53	54.85.120.53 54.85.120.53	14618 (AMAZON-AES) (AMAZON-AES)
3	3.213.62.40 3.213.62.40	14618 (AMAZON-AES) (AMAZON-AES)
5 7	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1 1	2620:116:800b... 2620:116:800b:21:1456:d0e1:7db4:a56b	14618 (AMAZON-AES) (AMAZON-AES)
2 5	107.23.44.245 107.23.44.245	14618 (AMAZON-AES) (AMAZON-AES)
2 2	64.74.236.255 64.74.236.255	19024 (INTERNAP-...) (INTERNAP-BLK5)
1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	2606:4700:303... 2606:4700:3036::ac43:a392	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.235.90.44 34.235.90.44	14618 (AMAZON-AES) (AMAZON-AES)
6 7	18.206.31.226 18.206.31.226	14618 (AMAZON-AES) (AMAZON-AES)
1 2	51.222.241.106 51.222.241.106	16276 (OVH) (OVH)
2 2	34.202.221.70 34.202.221.70	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1 2	216.22.16.57 216.22.16.57	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2 2	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	104.17.218.204 104.17.218.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	64.58.232.176 64.58.232.176	13649 (ASN-FLEXE...) (ASN-FLEXENTIAL)
1	69.169.85.7 69.169.85.7	29838 (AMC) (AMC)
2 2	54.204.112.220 54.204.112.220	14618 (AMAZON-AES) (AMAZON-AES)
4 4	207.198.113.86 207.198.113.86	13768 (COGECO-PEER1) (COGECO-PEER1)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	13.225.214.84 13.225.214.84	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.157.70.26 54.157.70.26	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
8 8	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1 1	18.238.55.69 18.238.55.69	16509 (AMAZON-02) (AMAZON-02)
1	13.226.34.16 13.226.34.16	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1 1	3.229.214.218 3.229.214.218	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
2 5	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
1	40.71.11.141 40.71.11.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	3.209.115.69 3.209.115.69	14618 (AMAZON-AES) (AMAZON-AES)
3 3	54.172.238.66 54.172.238.66	14618 (AMAZON-AES) (AMAZON-AES)
2 3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
2 2	54.165.113.212 54.165.113.212	14618 (AMAZON-AES) (AMAZON-AES)
26	99.83.181.31 99.83.181.31	16509 (AMAZON-02) (AMAZON-02)
1 1	104.18.20.134 104.18.20.134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::ac43:84f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::6815:5f47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.164.227.162 54.164.227.162	14618 (AMAZON-AES) (AMAZON-AES)
2	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
1765	81

13 2606:4700:3034::ac43:9ed3 (United States)

ASN13335 (CLOUDFLARENET, US)

sky.pasukanantidepo.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3031::ac43:b058 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

m2.treksantuy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bolo.treksantuy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

138 192.0.72.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

antoboomerblog.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net

s4is.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:807::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:d74f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

treksantuy.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3037::ac43:b044 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

widget.angkapaito.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wget.angkapaito.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 2606:4700:10::6814:5063 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3033::6815:51c (United States)

ASN13335 (CLOUDFLARENET, US)

king.laskar2d.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 149.56.240.128 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534296.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

77 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

106 18.238.55.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-108.jfk52.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 18.224.111.247 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-224-111-247.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.173 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.173.132.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-31.jfk52.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.32 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 23.44.203.90 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-203-90.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3035::6815:5055 (United States)

ASN13335 (CLOUDFLARENET, US)

bolo.treksantuy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 108.138.128.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-46.jfk50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:20::681a:d3c (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 141.94.171.216 (France) 10 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3362 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.32.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 108.139.29.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-87.jfk50.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.21 (Chicago, United States) 2 redirects

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

dp2.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.126.112.185 (New York, United States) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 50.16.174.192 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-174-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 35.71.131.137 (United States) 15 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.92.184.169 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-184-169.compute-1.amazonaws.com

map.go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 68.67.179.153 (North Bergen, United States) 11 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.111.113.62 (Kansas City, United States) 5 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.184.22 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-184-22.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.158.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-158-117.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.154.8 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

dp1.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 85.187.128.38 (Singapore, Singapore)

ASN55293 (A2HOSTING, US)
PTR: sg1-tr1.supercp.com

markas-prediktor.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kaptenoleng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bungaprediction.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
w1.bungaprediction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:6083 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

treksantuy.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.33.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: us-ip-1.short.io

momen.tm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3030::ac43:a16f (United States)

ASN13335 (CLOUDFLARENET, US)

rtx.dudasoleh.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 63.251.86.51 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.116.4.103 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-4-103.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.254.65 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.130.8 (Seattle, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-130-8.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 34.193.241.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-241-34.compute-1.amazonaws.com

track2.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2607:f8b0:4006:80b::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 13.226.34.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-62.ewr53.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3033::ac43:c223 (United States)

ASN13335 (CLOUDFLARENET, US)

raja.hoki2d.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

84 107.21.138.225 (Ashburn, United States) 30 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-138-225.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.63.4 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-4.ewr53.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.38.167.130 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

448 172.96.191.134 (Singapore, Singapore) 15 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
PTR: 172.96.191.134-static.reverse.arandomserver.com

zona-bermain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 35.236.220.17 (Washington, United States) 34 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 63.251.86.50 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:112:f002:bbbb::23 (United States) 3 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550a:ac77:9c63:d66e:ebeb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:e31 (United States)

ASN13335 (CLOUDFLARENET, US)

dtsedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 34.234.61.205 (Ashburn, United States) 7 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-61-205.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.200.65.202 (Ashburn, United States) 12 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.49 (United States) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 54.85.120.53 (Ashburn, United States) 22 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-120-53.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nlsn.thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.213.62.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-62-40.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.211.178.172 (North Charleston, United States) 5 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:1456:d0e1:7db4:a56b (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.23.44.245 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-44-245.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.255 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:a392 (United States)

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.235.90.44 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-90-44.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.206.31.226 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-31-226.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.241.106 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-012.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wt.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.202.221.70 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-221-70.compute-1.amazonaws.com

obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
thrtl.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.22.16.57 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.218.204 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.176 (United States) 1 redirects

ASN13649 (ASN-FLEXENTIAL, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.85.7 (Commack, United States)

ASN29838 (AMC, US)

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.112.220 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-112-220.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 207.198.113.86 (Herndon, United States) 4 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.214.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-84.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:854c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.157.70.26 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-70-26.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.95.98.65 (France) 8 redirects

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.55.69 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-69.jfk52.r.cloudfront.net

synchroscript.deliveryengine.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-16.ewr53.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.214.218 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-214-218.compute-1.amazonaws.com

pixel.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 50.16.197.56 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.71.11.141 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.115.69 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-115-69.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.172.238.66 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-238-66.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.113.212 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-113-212.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com

connect-metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.20.134 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

idsync.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::ac43:84f6 (United States)

ASN13335 (CLOUDFLARENET, US)

rankcrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:5f47 (United States)

ASN13335 (CLOUDFLARENET, US)

opesia.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.164.227.162 (United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-227-162.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
448	zona-bermain.com 15 redirects zona-bermain.com	7 MB
180	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 5021 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6723 data-beacons.s-onetag.com — Cisco Umbrella Rank: 14306 connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 5129	546 KB
139	histats.com s4is.histats.com — Cisco Umbrella Rank: 634486 s10.histats.com — Cisco Umbrella Rank: 14576 s4.histats.com — Cisco Umbrella Rank: 14129	523 KB
138	wordpress.com antoboomerblog.files.wordpress.com	88 MB
95	sharethis.com 1 redirects pd.sharethis.com — Cisco Umbrella Rank: 12612 t.sharethis.com — Cisco Umbrella Rank: 5730 sync.sharethis.com — Cisco Umbrella Rank: 2756	226 KB
85	liadm.com 30 redirects i.liadm.com — Cisco Umbrella Rank: 550 i6.liadm.com — Cisco Umbrella Rank: 2884	59 KB
77	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 16248 t.dtscout.com — Cisco Umbrella Rank: 13665	125 KB
75	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 671 ce.lijit.com — Cisco Umbrella Rank: 859	64 KB
53	thrtle.com 22 redirects thrtle.com — Cisco Umbrella Rank: 1397 nlsn.thrtle.com — Cisco Umbrella Rank: 20005	27 KB
51	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	850 KB
42	crwdcntrl.net 7 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898 sync.crwdcntrl.net — Cisco Umbrella Rank: 853	114 KB
38	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349	6 KB
38	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 14516	17 KB
37	securedvisit.com track2.securedvisit.com — Cisco Umbrella Rank: 4440	6 KB
36	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 1555
34	simpli.fi 34 redirects um.simpli.fi — Cisco Umbrella Rank: 856	14 KB
34	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	1 MB
29	w.org s.w.org — Cisco Umbrella Rank: 3198	15 KB
28	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12324	42 MB
25	treksantuy.xyz 6 redirects m2.treksantuy.xyz bolo.treksantuy.xyz	150 KB
17	dudasoleh.lol rtx.dudasoleh.lol	133 KB
16	kaptenoleng.com kaptenoleng.com	39 KB
15	bungaprediction.top bungaprediction.top	49 KB
15	adsrvr.org 15 redirects match.adsrvr.org — Cisco Umbrella Rank: 357	6 KB
13	onaudience.com 10 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3060	5 KB
13	pasukanantidepo.shop sky.pasukanantidepo.shop	860 KB
12	yahoo.com 12 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1388 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	3 KB
12	hoki2d.xyz raja.hoki2d.xyz	122 KB
12	markas-prediktor.info markas-prediktor.info	127 KB
12	bluekai.com 6 redirects tags.bluekai.com — Cisco Umbrella Rank: 727 stags.bluekai.com — Cisco Umbrella Rank: 940	4 KB
12	laskar2d.xyz king.laskar2d.xyz	122 KB
11	adnxs.com 11 redirects secure.adnxs.com — Cisco Umbrella Rank: 490 ib.adnxs.com — Cisco Umbrella Rank: 253	10 KB
11	eyeota.net 4 redirects ps.eyeota.net — Cisco Umbrella Rank: 1074	6 KB
10	angkapaito.net 5 redirects widget.angkapaito.net wget.angkapaito.net	7 KB
8	id5-sync.com 8 redirects id5-sync.com — Cisco Umbrella Rank: 425	11 KB
8	doubleclick.net 6 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 260	2 KB
7	mediawallahscript.com 6 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 3161	5 KB
7	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	3 KB
6	rezync.com 6 redirects live.rezync.com — Cisco Umbrella Rank: 1645	5 KB
6	rlcdn.com 4 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 451	1 KB
5	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1531 loadm.exelator.com — Cisco Umbrella Rank: 1780	3 KB
5	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 239	3 KB
5	everesttech.net 5 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 716 rtd-tm.everesttech.net — Cisco Umbrella Rank: 3124	1 KB
5	tapad.com 5 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
4	sitescout.com 4 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	2 KB
4	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 790	1 KB
3	rankcrack.com rankcrack.com	4 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 524	860 B
3	clickagy.com 3 redirects aorta.clickagy.com — Cisco Umbrella Rank: 1875	2 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2267 pbid.pro-market.net — Cisco Umbrella Rank: 8214	1 KB
3	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1259	853 B
3	addthis.com 1 redirects x.dlx.addthis.com — Cisco Umbrella Rank: 1651	2 KB
3	turn.com 3 redirects d.turn.com — Cisco Umbrella Rank: 1381	1 KB
3	rfihub.com 3 redirects p.rfihub.com — Cisco Umbrella Rank: 841	4 KB
3	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1870	606 B
3	affec.tv 2 redirects map.go.affec.tv — Cisco Umbrella Rank: 7362	2 KB
3	33across.com 2 redirects dp2.33across.com — Cisco Umbrella Rank: 12127 dp1.33across.com — Cisco Umbrella Rank: 7249	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	33 KB
3	tynt.com cdn.tynt.com — Cisco Umbrella Rank: 13409 ic.tynt.com — Cisco Umbrella Rank: 11236 de.tynt.com — Cisco Umbrella Rank: 1526	9 KB
3	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 15285	8 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 760	154 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 875	1 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1012 B
2	opesia.vip opesia.vip — Cisco Umbrella Rank: 631355	3 KB
2	bungaprediction.com w1.bungaprediction.com	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 555	795 B
2	aidata.io 1 redirects x01.aidata.io — Cisco Umbrella Rank: 14168	940 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5392	634 B
2	mgid.com 1 redirects cm.mgid.com — Cisco Umbrella Rank: 1347	737 B
2	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 544	1 KB
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 730	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 805	550 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1369	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 326	2 KB
2	imrworldwide.com 2 redirects obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 4870 thrtl.redinuid.imrworldwide.com — Cisco Umbrella Rank: 19562	643 B
2	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3537 wt.rqtrk.eu — Cisco Umbrella Rank: 1452	652 B
2	rkdms.com 2 redirects mid.rkdms.com — Cisco Umbrella Rank: 1924	862 B
2	dtssrv.com a.dtssrv.com — Cisco Umbrella Rank: 22509	723 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 626	1 KB
2	dtsedge.com dtsedge.com — Cisco Umbrella Rank: 53979	755 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1811 beacon.krxd.net — Cisco Umbrella Rank: 784	499 B
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 3325 mwzeom.zeotap.com — Cisco Umbrella Rank: 3434	898 B
1	reson8.com 1 redirects idsync.reson8.com — Cisco Umbrella Rank: 3332	389 B
1	postrelease.com 1 redirects jadserve.postrelease.com — Cisco Umbrella Rank: 1144	538 B
1	cintnetworks.com c.cintnetworks.com — Cisco Umbrella Rank: 9630	543 B
1	shareaholic.com 1 redirects pixel.shareaholic.com — Cisco Umbrella Rank: 26442	514 B
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 646	412 B
1	userreport.com audex.userreport.com — Cisco Umbrella Rank: 4929	433 B
1	adswizz.com 1 redirects synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2704	428 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 906	480 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 477	675 B
1	mookie1.com ib.mookie1.com — Cisco Umbrella Rank: 3035	981 B
1	ib-ibi.com 1 redirects global.ib-ibi.com — Cisco Umbrella Rank: 2008	513 B
1	truoptik.com 1 redirects dmp.truoptik.com — Cisco Umbrella Rank: 2794	548 B
1	mathtag.com sync.mathtag.com — Cisco Umbrella Rank: 1331	589 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	517 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 6188	16 KB
1	gstatic.com fonts.gstatic.com	51 KB
1	momen.tm momen.tm
1	treksantuy.asia 1 redirects treksantuy.asia	429 B
1	treksantuy.tech 1 redirects treksantuy.tech	466 B
0	thebrighttag.com Failed s.thebrighttag.com Failed
0	spotxchange.com Failed sync.search.spotxchange.com Failed
1765	105

	Domain	Requested by
448	zona-bermain.com	15 redirects markas-prediktor.info zona-bermain.com
138	antoboomerblog.files.wordpress.com	sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz rtx.dudasoleh.lol raja.hoki2d.xyz
106	get.s-onetag.com	e.dtscout.com get.s-onetag.com
84	i.liadm.com	30 redirects markas-prediktor.info bcp.crwdcntrl.net zona-bermain.com
78	s10.histats.com	sky.pasukanantidepo.shop s10.histats.com king.laskar2d.xyz bolo.treksantuy.xyz rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz zona-bermain.com kaptenoleng.com w1.bungaprediction.com
60	t.sharethis.com	pd.sharethis.com t.sharethis.com king.laskar2d.xyz bolo.treksantuy.xyz sky.pasukanantidepo.shop rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz zona-bermain.com
52	thrtle.com	22 redirects sky.pasukanantidepo.shop bcp.crwdcntrl.net markas-prediktor.info zona-bermain.com data-beacons.s-onetag.com
51	cdn.jsdelivr.net	markas-prediktor.info zona-bermain.com
40	ap.lijit.com	1 redirects sky.pasukanantidepo.shop get.s-onetag.com data-beacons.s-onetag.com
39	t.dtscout.com	e.dtscout.com
39	s4.histats.com	s10.histats.com
38	px.ads.linkedin.com	1 redirects sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz zona-bermain.com
38	data-beacons.s-onetag.com	get.s-onetag.com
38	t.dtscdn.com	e.dtscout.com
38	e.dtscout.com	s4.histats.com
37	track2.securedvisit.com	data-beacons.s-onetag.com
36	api.intentiq.com	data-beacons.s-onetag.com
35	ce.lijit.com	sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz rtx.dudasoleh.lol markas-prediktor.info zona-bermain.com
34	um.simpli.fi	34 redirects
34	maxcdn.bootstrapcdn.com	markas-prediktor.info maxcdn.bootstrapcdn.com zona-bermain.com
31	pd.sharethis.com	e.dtscout.com sky.pasukanantidepo.shop t.sharethis.com king.laskar2d.xyz bolo.treksantuy.xyz rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz zona-bermain.com kaptenoleng.com
29	s.w.org	bolo.treksantuy.xyz zona-bermain.com
28	blogger.googleusercontent.com	markas-prediktor.info
26	connect-metrics-collector.s-onetag.com	get.s-onetag.com
24	sync.crwdcntrl.net	4 redirects sky.pasukanantidepo.shop bcp.crwdcntrl.net
22	s4is.histats.com	sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz rtx.dudasoleh.lol markas-prediktor.info raja.hoki2d.xyz zona-bermain.com
19	bolo.treksantuy.xyz	sky.pasukanantidepo.shop bolo.treksantuy.xyz king.laskar2d.xyz rtx.dudasoleh.lol raja.hoki2d.xyz
17	rtx.dudasoleh.lol	bolo.treksantuy.xyz rtx.dudasoleh.lol
16	kaptenoleng.com	zona-bermain.com
15	bungaprediction.top	kaptenoleng.com
15	match.adsrvr.org	15 redirects
13	pixel.onaudience.com	10 redirects rtx.dudasoleh.lol e.dtscout.com
13	sky.pasukanantidepo.shop	sky.pasukanantidepo.shop
12	raja.hoki2d.xyz	rtx.dudasoleh.lol raja.hoki2d.xyz
12	markas-prediktor.info	king.laskar2d.xyz markas-prediktor.info
12	king.laskar2d.xyz	sky.pasukanantidepo.shop king.laskar2d.xyz
11	ps.eyeota.net	4 redirects sky.pasukanantidepo.shop bolo.treksantuy.xyz data-beacons.s-onetag.com bcp.crwdcntrl.net
10	tags.bluekai.com	4 redirects de.tynt.com king.laskar2d.xyz tags.bkrtx.com sky.pasukanantidepo.shop bcp.crwdcntrl.net
10	onetag-geo.s-onetag.com	get.s-onetag.com
9	bcp.crwdcntrl.net	3 redirects raja.hoki2d.xyz tags.crwdcntrl.net bcp.crwdcntrl.net
9	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
8	id5-sync.com	8 redirects
8	cm.g.doubleclick.net	6 redirects bcp.crwdcntrl.net
7	partner.mediawallahscript.com	6 redirects bcp.crwdcntrl.net
7	x.bidswitch.net	5 redirects zona-bermain.com sky.pasukanantidepo.shop
6	ups.analytics.yahoo.com	6 redirects
6	cms.analytics.yahoo.com	6 redirects
6	live.rezync.com	6 redirects
6	idsync.rlcdn.com	4 redirects sky.pasukanantidepo.shop bcp.crwdcntrl.net
6	secure.adnxs.com	6 redirects
6	m2.treksantuy.xyz	6 redirects
5	dpm.demdex.net	2 redirects raja.hoki2d.xyz rtx.dudasoleh.lol bcp.crwdcntrl.net
5	ib.adnxs.com	5 redirects
5	pixel.tapad.com	5 redirects
5	wget.angkapaito.net	sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz rtx.dudasoleh.lol raja.hoki2d.xyz
5	widget.angkapaito.net	5 redirects
4	pixel-sync.sitescout.com	4 redirects
4	sync-tm.everesttech.net	4 redirects
4	pippio.com	1 redirects sky.pasukanantidepo.shop king.laskar2d.xyz bolo.treksantuy.xyz
4	sync.sharethis.com	1 redirects sky.pasukanantidepo.shop
3	rankcrack.com	w1.bungaprediction.com rankcrack.com ajax.googleapis.com
3	us-u.openx.net	2 redirects bcp.crwdcntrl.net
3	aorta.clickagy.com	3 redirects
3	loadus.exelator.com	bcp.crwdcntrl.net zona-bermain.com
3	rtb.adentifi.com	king.laskar2d.xyz bolo.treksantuy.xyz sky.pasukanantidepo.shop
3	x.dlx.addthis.com	1 redirects king.laskar2d.xyz rtx.dudasoleh.lol
3	d.turn.com	3 redirects
3	p.rfihub.com	3 redirects
3	ml314.com	1 redirects sky.pasukanantidepo.shop bcp.crwdcntrl.net
3	map.go.affec.tv	2 redirects sky.pasukanantidepo.shop
3	4.bp.blogspot.com	sky.pasukanantidepo.shop rtx.dudasoleh.lol raja.hoki2d.xyz
2	code.jquery.com	opesia.vip code.jquery.com
2	pm.w55c.net	2 redirects
2	opesia.vip	w1.bungaprediction.com code.jquery.com
2	loadm.exelator.com	2 redirects
2	w1.bungaprediction.com	zona-bermain.com
2	match.prod.bidr.io	2 redirects
2	x01.aidata.io	1 redirects bcp.crwdcntrl.net
2	pool.admedo.com	2 redirects
2	fei.pro-market.net	2 redirects
2	cm.mgid.com	1 redirects bcp.crwdcntrl.net
2	aa.agkn.com	1 redirects bcp.crwdcntrl.net
2	sync.srv.stackadapt.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	c1.adform.net	2 redirects
2	sync.smartadserver.com	1 redirects bcp.crwdcntrl.net
2	s.amazon-adsystem.com	1 redirects bcp.crwdcntrl.net
2	mid.rkdms.com	2 redirects
2	a.dtssrv.com	e.dtscout.com
2	b1sync.zemanta.com	2 redirects
2	dtsedge.com	e.dtscout.com
2	stags.bluekai.com	2 redirects
2	dp2.33across.com	2 redirects
2	fonts.googleapis.com	bolo.treksantuy.xyz rankcrack.com
1	ajax.googleapis.com	rankcrack.com
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	nlsn.thrtle.com	zona-bermain.com
1	thrtl.redinuid.imrworldwide.com	1 redirects
1	idsync.reson8.com	1 redirects
1	jadserve.postrelease.com	1 redirects
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	pixel.shareaholic.com	1 redirects
1	trc.taboola.com	bcp.crwdcntrl.net
1	audex.userreport.com	bcp.crwdcntrl.net
1	synchroscript.deliveryengine.adswizz.com	1 redirects
1	rtd-tm.everesttech.net	1 redirects
1	pbid.pro-market.net	bcp.crwdcntrl.net
1	wt.rqtrk.eu	bcp.crwdcntrl.net
1	sync.ipredictive.com	1 redirects
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	ib.mookie1.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	1 redirects
1	dmp.truoptik.com	1 redirects
1	obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com	1 redirects
1	ws.rqtrk.eu	1 redirects
1	sync.mathtag.com	markas-prediktor.info
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	bolo.treksantuy.xyz
1	i6.liadm.com	sky.pasukanantidepo.shop
1	tags.bkrtx.com	pd.sharethis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	momen.tm	bolo.treksantuy.xyz
1	treksantuy.asia	1 redirects
1	dp1.33across.com	sky.pasukanantidepo.shop
1	beacon.krxd.net	sky.pasukanantidepo.shop
1	usermatch.krxd.net	1 redirects
1	mwzeom.zeotap.com	sky.pasukanantidepo.shop
1	spl.zeotap.com	1 redirects
1	de.tynt.com	cdn.tynt.com
1	ic.tynt.com	sky.pasukanantidepo.shop
1	cdn.tynt.com	e.dtscout.com
1	treksantuy.tech	1 redirects
0	s.thebrighttag.com Failed	zona-bermain.com
0	sync.search.spotxchange.com Failed	bcp.crwdcntrl.net
1765	135

This site contains links to these domains. Also see Links.

Domain
hknalo.us.com
bandarnalo.agency
paitowarna.co.com
slotindo.ws
agennalo.city
gacorbgt.com
www.histats.com
lautan-angka.top
all84.fun
shio.kreasiangka.club
zona.forumdiskusi.vip
info.prediktorangka.xyz
w5.ceriawlatogel88.net
p2.kaisartoto88core.com
p2.indolottery88next.net
p2.grahadunialottery88.com
jabrix22.com
p2.microtogel88cv.com

Subject Issuer	Validity	Valid
pasukanantidepo.shop E1	`2023-12-01` - `2024-02-29`	3 months	crt.sh
*.files.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-05` - `2025-01-04`	a year	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
treksantuy.xyz E1	`2023-12-13` - `2024-03-12`	3 months	crt.sh
angkapaito.net GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
laskar2d.xyz GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-05` - `2024-09-30`	a year	crt.sh
cert1-prod.aut.a24365.net R3	`2024-01-18` - `2024-04-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2024-01-13` - `2024-04-12`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
markas-prediktor.info cPanel, Inc. Certification Authority	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
dudasoleh.lol GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh
hoki2d.xyz GTS CA 1P5	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.onaudience.com Go Daddy Secure Certificate Authority - G2	`2023-03-28` - `2024-04-28`	a year	crt.sh
www.zona-bermain.com.gubukprediction.com R3	`2024-01-07` - `2024-04-06`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
dtsedge.com GTS CA 1P5	`2023-11-25` - `2024-02-23`	3 months	crt.sh
kaptenoleng.com cPanel, Inc. Certification Authority	`2023-12-09` - `2024-03-08`	3 months	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
bungaprediction.top cPanel, Inc. Certification Authority	`2023-11-16` - `2024-02-14`	3 months	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2023-03-22` - `2024-04-22`	a year	crt.sh
dtssrv.com GTS CA 1P5	`2023-11-25` - `2024-02-23`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
*.rqtrk.eu RapidSSL TLS RSA CA G1	`2023-06-01` - `2024-05-31`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-11-20` - `2024-12-17`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-12-26` - `2024-06-26`	6 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
b1.track-2d.com cPanel, Inc. Certification Authority	`2023-12-02` - `2024-03-01`	3 months	crt.sh
rankcrack.com GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh
opesia.vip GTS CA 1P5	`2023-12-14` - `2024-03-13`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 156 frames:

Primary Page: https://sky.pasukanantidepo.shop/
Frame ID: 0AE304FEC4054D9B1B10B34EBBCFCE37
Requests: 83 HTTP requests in this frame

Frame: https://bolo.treksantuy.xyz/
Frame ID: DEC6D3502F9CBA68B86E2DB053F59779
Requests: 61 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: 81C7A6C8A1780BCACD772C072C790B2A
Requests: 1 HTTP requests in this frame

Frame: https://king.laskar2d.xyz/
Frame ID: CDDBF050819595AF32195340C2F24A8B
Requests: 67 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01705795437671B15BDFA0C3AC9B3
Frame ID: CA20EFC298ECE6EF3A0EEFE9A46C789A
Requests: 1 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: 6CD79C5A0FBE6EE72243FB1037A9C863
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=212429212096049&ret=html&random=1705795438
Frame ID: A1515CD2D7760AD58F6AE26E2B3D62AF
Requests: 1 HTTP requests in this frame

Frame: https://markas-prediktor.info/
Frame ID: 12FE5E194B58F1543CC05BECA138F42E
Requests: 71 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: 00EF6CE0B8F58C94E2176B38C965486D
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: BBDB88788AB2D78F4EADFBA6F7868065
Requests: 1 HTTP requests in this frame

Frame: https://rtx.dudasoleh.lol/
Frame ID: A954808AB278D9FED4B6B2632394557D
Requests: 92 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: 9628A381C7CE3BA847A9EBDBD657AC38
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 8D12EB1BAA96FAD4598F9C30D99F0B92
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: DA69FDF02BF59C65F8B6B432EF2C6960
Requests: 1 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/5386?id=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&gdpr=0&gdpr_consent=
Frame ID: 4C03D731D71628BE3036A2A8F0F24C5C
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: C43B941F7EA95424C883ACC5D429A4F5
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 1771EDF32D3BE251A8E8383E39E99DFC
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: 326DCD4F59AC96B170CA779089988695
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=81593
Frame ID: 1ED5239D46B7FD85AEA1763188F71B32
Requests: 1 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: 27824A61B08E1A4A8B78553DFB3E191B
Requests: 1 HTTP requests in this frame

Frame: https://raja.hoki2d.xyz/
Frame ID: 2D229C0CD0F188F7EA144838D47348A6
Requests: 69 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=45884
Frame ID: 9224EDB7EFDAE5D5AC8A4C4B0F97438A
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=25550
Frame ID: CE080F23F849B986AE8D2FAC5C78CE47
Requests: 1 HTTP requests in this frame

Frame: https://zona-bermain.com/
Frame ID: 7CC9786230432C84956929D74F7763A1
Requests: 50 HTTP requests in this frame

Frame: https://wget.angkapaito.net/result.php
Frame ID: 997B5DB0A50553DF768EF6C813947FBF
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 13F99BE98B2E7490F71B4D49161C9112
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: F809BB473DA4C10624B77B8C071DDF16
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 42E42A6B8CC3B3E96975DA09C6AA3022
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 7D547D55203A873C938B555B324FD657
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: C3EAB83B33B4A0B9A5019EBD0C51AA04
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 3861D81FB6B60ECBFD98BB8B5B8BF0C2
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 9FCC5387E49AE9B9B98D50EFCDD5CC03
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=59373
Frame ID: 319EF5A31739CBD1E0BFA9D100CD0A26
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 76F85BF3AF2EF75BD4DDBBFB86FA9070
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: B0AB10F6D91A0776F1302CD6D952AC2D
Requests: 2 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 613D379118BAD6CA107ED7771D71F76D
Requests: 22 HTTP requests in this frame

Frame: https://zona-bermain.com/prediksi-cambodia/
Frame ID: B9BF6B8FBA4094D097CABFD26157FD9B
Requests: 51 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=83700
Frame ID: CC02CC727C89C31A882416378776C070
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 0D8CEC5E2ABD9AC0F8914B073903ADFE
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 83CDE1D79ECA6D241DF247C9FDD591B4
Requests: 22 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=34554
Frame ID: 7E3945F54483E445C7B08D9AA09FD001
Requests: 1 HTTP requests in this frame

Frame: https://zona-bermain.com/paito-warna-china/
Frame ID: 7AC4A4BCDE0BE328D37C2C344AB20C65
Requests: 54 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: 6F49D6F2F0435B151F7C60E0B04F9639
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: A14D89AA80A44A6630CDD2EF00A43119
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 0ABB1FD2371AD5B217C56FBE0812BE86
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: 939A698E141DDEBE8087C22E5B942FBB
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=49093
Frame ID: F6B3B9B2B735D6DFDFFA806F824423D5
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 9608E5316F357E7667D673A9612F8ACB
Requests: 21 HTTP requests in this frame

Frame: https://zona-bermain.com/prediksi-japan/
Frame ID: 029C0E4D6B14AD8FEB2EC671F1469AF4
Requests: 51 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: FB83867A6986F35DF1CF1C7B2371A19A
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 700C4DCF215FEA5E22697900127DDBD6
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 7B83EC75D130E6129F896DACB743A0EB
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: DA11CABC1A8DCB4B749FD8E9BAC90371
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=96349
Frame ID: BE4B7EF265F04398479D43018A1FC541
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 65D0B24AFA1EEA15DAE1002BB62B5A9C
Requests: 24 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 6FBFCCDF1EB1C2DC0490A5ED196011AC
Requests: 24 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 959EB791E15A79F79363AB47ED80AD01
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: B3A16032B1CB6FD20CF6E81CFCCAD915
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: EC2CFC1DEEC9BE32F5F4575E45BF4F56
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: 31BEC1FB17D13CD91B041A24F31912D2
Requests: 2 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: B389AFC8A86CB99052B7F370C60649B1
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: 08D657AB0189B4E1935D87A2C275D879
Requests: 2 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 27E50EB4C4B7C4677BCB9AB5043F8657
Requests: 21 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 2677007801FD85348646750D2EAD07F2
Requests: 1 HTTP requests in this frame

Frame: https://zona-bermain.com/prediksi-taiwan/
Frame ID: 9C919EEC307520A2D3193AA566F1AAB5
Requests: 51 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: 66E2746BA2D09B90F0CD44F3F935FBD0
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: AFDBBD79122CC0BF4AF65780DF173EFF
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=86726
Frame ID: FC7E507FB20DBAF14E903EA44F6BF7FC
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=27822
Frame ID: 68AEFF1EE06C2B172507719226C1C758
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=9945
Frame ID: 2B480AEB6553A0B66BB716C64EA77221
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: E707E48324B235E845286EF8DCC0ED93
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: FC5F08E3C3A1E497E196ADE746692A32
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=90148
Frame ID: 85D7781FA5657A4B8092C162FCAE72C2
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: F05954B8B93A29DADC91C9D5AA28A6BE
Requests: 2 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 59DF59A8E6321D12405DFE777EE45569
Requests: 18 HTTP requests in this frame

Frame: https://zona-bermain.com/generate-bbfs/
Frame ID: 469393D06559A18190944567289DCFD0
Requests: 49 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 35969D120CDC1DCF140486B76C5701BE
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: F21A28E0BA70643F84B5CB11B1C2BFCC
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=48945
Frame ID: DE015AE48094AB8A68EC4A55784D8187
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
Frame ID: 09CC1EEDFE7C3E5B85BA6A859ED51D54
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C
Frame ID: 88C9FD2FE4CD0CD549E34D92815E7598
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 71BC99DB5980D0BAFC80D6522DDCD818
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 7FFAA2D34A7AAA82A86CD93E324CE150
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=4116
Frame ID: 60715BDD940133D5C4AD14BC47E322A5
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: EBA9E3F94CD040F2351B34D056D5BBEC
Requests: 2 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: C4915F82EA8FC274C95BC56BE543FF11
Requests: 18 HTTP requests in this frame

Frame: https://zona-bermain.com/live-china/
Frame ID: 59456EF7EA974A8B5D0BA7221D495223
Requests: 48 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 874B292D5D64BD41C1A23288F916ADA8
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=25574
Frame ID: 55FB0C10B164DAB82601AFE847DCD18B
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=53469
Frame ID: 66FCE3F672804CA1F9DE35197E015109
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 3333B219B5E75D7FE53A0BC36A328FAD
Requests: 2 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/livechina.php
Frame ID: 830B2DA734DCD97524D310B683E73626
Requests: 18 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 1D26F2892A8A7E6AFFF82205769635B0
Requests: 18 HTTP requests in this frame

Frame: https://zona-bermain.com/live-sydney/
Frame ID: D4AAB2FC6345412E727AF60A543570DE
Requests: 57 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 7707DE49AA8F18B0F859A0F6F08154D3
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=97383
Frame ID: 186F6C747FE59CED2FC0C43EA29253A1
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: B4B2E0CCB4E3B21FA6CC340D4F11D183
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=63792
Frame ID: 76DBCA2C5061E2D5786B286C57E9303C
Requests: 1 HTTP requests in this frame

Frame: https://w1.bungaprediction.com/livesydney.php
Frame ID: 7D6EE3C71096F25CCA3BCFD8936FE8E2
Requests: 17 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: F1D5B62E8EBA8AAAA29342B5915E58C6
Requests: 18 HTTP requests in this frame

Frame: https://zona-bermain.com/jalur-shio/
Frame ID: 36DE6CD6A48E98F2EC7DF15D75FF67AA
Requests: 57 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: B7015770787B3B5E2F4DBA00881A58DB
Requests: 2 HTTP requests in this frame

Frame: https://rankcrack.com/live-draw-china.php
Frame ID: A23CF26BDF836A68B0F3054512DAA88B
Requests: 5 HTTP requests in this frame

Frame: https://opesia.vip/iframe-live/livesydney2.php/
Frame ID: 516279398A7C4668F9D679734A36736F
Requests: 4 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=35498
Frame ID: 4977AB8D9C1F5296B333DF830AEF0949
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 78C0D70878F54D6B419E3E840C8B7D73
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=95710
Frame ID: 7D76CB0CB0E9A0E5F8D9914EC0B5FE9B
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 00AFB2EE7D3346D05180A00F90B8E659
Requests: 18 HTTP requests in this frame

Frame: https://zona-bermain.com/paito-warna-hongkong/
Frame ID: 03A8B252D0D849BA22D203E452E666A4
Requests: 50 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: CF538153AEE9AD100B30B7FD2E397F88
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=8886
Frame ID: F612751AFD35982F3100EDEC42FF413A
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=33899
Frame ID: 3F142B1C0035AB6A999BF5C6C57562ED
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=69010
Frame ID: 10CBDC624DBE07240FF6D5C9AD6C9A9D
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 48D7D2E08389D01ABA4E2B314C43285B
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=58512
Frame ID: 6A53FD8D888100E76C742946AFDB1F0D
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: E2ED526DF036068622F5C050E64761AC
Requests: 17 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 33EEF5BB20834341D728E37B73CE8B47
Requests: 2 HTTP requests in this frame

Frame: https://zona-bermain.com/generate-bbfs/
Frame ID: 7F9BF1B56430B52901E0B816102C40C1
Requests: 57 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=65567
Frame ID: 21F16D323B5ADB64CBA4DA159D8522AB
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 363B1E0BBFA44B71A8E7DB92F1B93104
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 1A2C4C4F6F4EF4E017C36239F15C2C89
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: A0AF539B7CDA031645575BA33656BE22
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 3BF68A2217A2463218C3323B864AF33D
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=55013
Frame ID: 405B27F753627C72E021AF4FE606C4F1
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: AF1ED0D851CB8EF29EBBE773E9E38058
Requests: 17 HTTP requests in this frame

Frame: https://zona-bermain.com/generator-line-angka/
Frame ID: 4A3A35217E822111A6C98F9C75601925
Requests: 48 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=88831
Frame ID: 5B647FAAAC32428F5BF840C1470E9FFC
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: BA25B0500BE0208A9CEC57C5DA862BB9
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=78975
Frame ID: BB20D41D959E6EC380A43C904E8649A8
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 841072F838716170CEDC1907163841FF
Requests: 18 HTTP requests in this frame

Frame: https://zona-bermain.com/kalender-togel/
Frame ID: 67765C6A58042DDC7D01E55C3AB73FE1
Requests: 46 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: F1892CC64F1ABE32FCD0CE0416CC7B3B
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=93754
Frame ID: F3C9FA546667EADF3F829E181C686696
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 533528636CE43E17007D8C211C4B8312
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=16557
Frame ID: 4B24C355F253F820581CC30AA7FBB353
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: C4BD49A6D669ED70CEA5771A78D013F7
Requests: 16 HTTP requests in this frame

Frame: https://zona-bermain.com/paito-warna-taiwan/
Frame ID: 6014B9EC3C74465FC9F34470A16497F2
Requests: 47 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 83B40E3B67D9B000AD9B050BC7CE0655
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=38280
Frame ID: C2ABD462FA344E74A6145E76F5D94E5E
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=93542
Frame ID: 998B54F509F1EB79924E9D8DC2587022
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: B331498B087FCA8D048B7BA5CE5702F0
Requests: 2 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 5F0EA59045A3B885AD05F3C8FAC0404E
Requests: 13 HTTP requests in this frame

Frame: https://zona-bermain.com/paito-warna-japan/
Frame ID: 9B99E11D777D004676CC6DF04471AE90
Requests: 45 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 96DFA53BAD3900CADD61760A47571F5E
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=36268
Frame ID: FC58DAE89C7017EFC4B31CD807F31627
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: B1CC6854036FF8501D0CCF7A53711809
Requests: 2 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=14099
Frame ID: 2C43A231AB19B6E58D69D3F1098DFBF4
Requests: 1 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 4036B6506EDF76F1A1EF817E975DE425
Requests: 11 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 0A2F13B9F0B8FBEBBC4EBA75D334597F
Requests: 2 HTTP requests in this frame

Frame: https://zona-bermain.com/rekap-angka-ct/
Frame ID: 97598CEDD0EFBBB0786DDF5EE6FE3E3E
Requests: 43 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=22612
Frame ID: 1DCD8120ADFB954EB49C941E0464522D
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 89E72264AE5AF7DF098C6EF10327C49A
Requests: 2 HTTP requests in this frame

Frame: https://kaptenoleng.com/poltar.php
Frame ID: 42B30A19514A3D99EA2D4168FA747CD0
Requests: 2 HTTP requests in this frame

Frame: https://zona-bermain.com/live-sydney/
Frame ID: 09C1E2F29980E9D9E8CC97F7AE4EF253
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=43953
Frame ID: 87A3888DBA51364FFBA88CBE8B0EC80A
Requests: 1 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: F5444C10118360F8A96D13D3AB98ACCF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PASUKAN ANTI DEPO – PREDIKSI ANGKA JITU WLA HARI INI

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

1765
Requests

92 %
HTTPS

29 %
IPv6

105
Domains

135
Subdomains

81
IPs

8
Countries

146074 kB
Transfer

160930 kB
Size

161
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://hknalo.us.com/link.php?member=boomer1358

Search URL Search Domain Scan URL

URL: https://bandarnalo.agency/link.php?member=boomer1358

Search URL Search Domain Scan URL

URL: http://paitowarna.co.com/?ref=Boomer1358

Search URL Search Domain Scan URL

URL: http://slotindo.ws/register?ref=1241021

Search URL Search Domain Scan URL

URL: http://agennalo.city/?ref=BOOMER1358

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/tpking/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/rgclock/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/rgbasic/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/jkbrain/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/pkboss/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/ttbright/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/jpkind/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/idticket/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/gtgold/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/gtpath/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/ahart/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/8080salt/

Search URL Search Domain Scan URL

URL: https://gacorbgt.com/8table/

Search URL Search Domain Scan URL

URL: http://www.histats.com/viewstats/?sid=4660281&ccid=3026

Search URL Search Domain Scan URL

URL: https://lautan-angka.top/
Title: Chepy

Search URL Search Domain Scan URL

URL: https://all84.fun/
Title: Al84

Search URL Search Domain Scan URL

URL: https://shio.kreasiangka.club/
Title: Kreasi Angka

Search URL Search Domain Scan URL

URL: https://zona.forumdiskusi.vip/
Title: Forum Diskusi

Search URL Search Domain Scan URL

URL: https://info.prediktorangka.xyz/
Title: Prediktor Angka

Search URL Search Domain Scan URL

URL: https://w5.ceriawlatogel88.net/user/register.html?ref=boomer1358

Search URL Search Domain Scan URL

URL: https://p2.kaisartoto88core.com/user/register.html?ref=BOOMER1358

Search URL Search Domain Scan URL

URL: https://p2.indolottery88next.net/user/register.html?ref=BOOMER1358

Search URL Search Domain Scan URL

URL: https://p2.grahadunialottery88.com/user/register.html?ref=boomer1358

Search URL Search Domain Scan URL

URL: https://jabrix22.com/m/link.php?member=boomer1358

Search URL Search Domain Scan URL

URL: https://p2.microtogel88cv.com/user/register.html?ref=BOOMER1358

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 40

https://treksantuy.tech/ HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 41

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 71

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 105

https://pixel.onaudience.com/?partner=137085098&mapped=51A01705795437671B15BDFA0C3AC9B3 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=b426b577e76f6dfa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1ea13d09-573d-4e12-579b-a77ce727c548&reqId=e25dc35b-cdd8-4d30-5704-9686a41cd39d&zcluid=b426b577e76f6dfa&zdid=1332 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1ea13d09-573d-4e12-579b-a77ce727c548&reqId=e25dc35b-cdd8-4d30-5704-9686a41cd39d&zcluid=b426b577e76f6dfa&zdid=1332&google_tc= HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEELo2uUXDZ_GCbJtsTHMjI8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1ea13d09-573d-4e12-579b-a77ce727c548&reqId=e25dc35b-cdd8-4d30-5704-9686a41cd39d&zcluid=b426b577e76f6dfa&zdid=1332

Request Chain 106

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 111

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 136

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1705795438046.6 HTTP 302
https://tags.bluekai.com/site/27519?id=212429212096049&ret=html&random=1705795438

Request Chain 137

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1705795438046.1 HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1705795438046.1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&bid=1e2n4ou

Request Chain 138

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&_rand=1705795438046.2 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&_rand=1705795438046.2&expected_cookie=aa96b5c7-04c0-42e0-a9e5-b6a11f0edf61

Request Chain 139

https://map.go.affec.tv/map/3a/?pid=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&ts=1705795438046.3 HTTP 303
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65ac5f6e866d6f0001848481%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65ac5f6e866d6f0001848481%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%2526gdpr_consent%253D%26gdpr%3D%26gdpr_consent%3D HTTP 302
https://map.go.affec.tv/map/an/2907085194688289057?ch=65ac5f6e866d6f0001848481&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent= HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://map.go.affec.tv/map/ttd/fa46c0a5-b18e-4497-af0b-ad4dc5823d79?ttd_puid=&gdpr=0&gdpr_consent=

Request Chain 140

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&random=1705795438046.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&random=1705795438046.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3f0e3619-356c-4f14-80e4-391e99eb1d58%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3f0e3619-356c-4f14-80e4-391e99eb1d58%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%25253Dtapad%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&ttd_puid=3f0e3619-356c-4f14-80e4-391e99eb1d58%2Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad%2C HTTP 302
https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

Request Chain 141

https://dp2.33across.com/ps/?pid=1205&rand=1705795438046.5 HTTP 302
https://idsync.rlcdn.com/405716.gif?partner_uid=212429230910412

Request Chain 144

https://treksantuy.asia/wp-content/themes/frontier/images/honeycomb.png HTTP 301
https://momen.tm/ZdO9uN

Request Chain 145

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 154

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 156

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&gdpr=0&gdpr_consent=

Request Chain 157

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdnQUJXV3NYMjBBQUFBSUEyRkJBdz09EAAaDQjuvrGtBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=3784b4914c6554c3bae6837166da419c7ae738d0c7182ea68646479d7781c39d791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3784b4914c6554c3bae6837166da419c7ae738d0c7182ea68646479d7781c39d791426b5417dce21&rand=09278724

Request Chain 158

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2GjaMPnxfELS4ncOzSDTYPOAAyYu5W3S5YOWmphsmkao&gdpr=0&gdpr_consent=

Request Chain 159

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGgABWWsX20AAAAIA2FBAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3641495816933212221 HTTP 307
https://ml314.com/csync.ashx?fp=78092f6aa0fb0e1d3129807cd66a43da5cbc2b759b5dd3e7b9acc285d2083408f4cb09cee1a4f8eb&person_id=3641495816933212221&eid=50082

Request Chain 160

https://tags.bluekai.com/site/59574?id=ZGgABWWsX20AAAAIA2FBAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 169

https://pixel.onaudience.com/?partner=137085098&mapped=51A01705795437671B15BDFA0C3AC9B3 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=75a782b49ce23786 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=SkVqUG0yb1E5OWV2UHZoaw%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPTQLZ_NTvLRk-1f2Z2V5Eo&google_cver=1

Request Chain 184

https://pixel.onaudience.com/?partner=137085098&mapped=51A01705795437671B15BDFA0C3AC9B3 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&icm&gdpr=0&gdpr_consent=&cver HTTP 302
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=8f3fb1e796987083 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlVfR1djOTE2ZnBpQkE5S2ZEZGJfNzlaWjloYzVibkdROFR5dXFZQl9oT2c&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90 HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESED6t9u2CqtH85xpBidPdkfQ&google_cver=1

Request Chain 189

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGgABWWsX20AAAAIA2FBAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23380%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23380%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=85529210 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&gdpr=0&gdpr_consent=

Request Chain 246

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 283

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 285

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 319

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=62118 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=62118&_li_chk=true&previous_uuid=dee090ffcec649a5b0e86484cc65dae8 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=dee090ff-cec6-49a5-b0e8-6484cc65dae8 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=66d103cf-1b5e-4d08-9252-8c854edde133%3A1705795441.6341908&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D66d103cf-1b5e-4d08-9252-8c854edde133%253A1705795441.6341908%26pid%3D500040%26it%3D1%26iv%3D66d103cf-1b5e-4d08-9252-8c854edde133%253A1705795441.6341908%26_%3D1705795441.6354823&cb=1705795441.6355224 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969470222354544275&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D66d103cf-1b5e-4d08-9252-8c854edde133%253A1705795441.6341908%26pid%3D500040%26it%3D1%26iv%3D66d103cf-1b5e-4d08-9252-8c854edde133%253A1705795441.6341908%26_%3D1705795441.6354823 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=66d103cf-1b5e-4d08-9252-8c854edde133%3A1705795441.6341908&pid=500040&it=1&iv=66d103cf-1b5e-4d08-9252-8c854edde133%3A1705795441.6341908&_=1705795441.6354823 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6354823&iv=66d103cf-1b5e-4d08-9252-8c854edde133:1705795441.6341908

Request Chain 338

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg HTTP 301
https://bolo.treksantuy.xyz/

Request Chain 368

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=58337 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=58337&_li_chk=true&previous_uuid=8fa0be9921284576ba8e19bd665ac5d9 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8fa0be99-2128-4576-ba8e-19bd665ac5d9 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=4f775705-db8e-4490-97cd-6380b73a6a7a%3A1705795441.637368&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D4f775705-db8e-4490-97cd-6380b73a6a7a%253A1705795441.637368%26pid%3D500040%26it%3D1%26iv%3D4f775705-db8e-4490-97cd-6380b73a6a7a%253A1705795441.637368%26_%3D1705795441.6407647&cb=1705795441.6408167 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1813050728802289503&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D4f775705-db8e-4490-97cd-6380b73a6a7a%253A1705795441.637368%26pid%3D500040%26it%3D1%26iv%3D4f775705-db8e-4490-97cd-6380b73a6a7a%253A1705795441.637368%26_%3D1705795441.6407647 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=4f775705-db8e-4490-97cd-6380b73a6a7a%3A1705795441.637368&pid=500040&it=1&iv=4f775705-db8e-4490-97cd-6380b73a6a7a%3A1705795441.637368&_=1705795441.6407647 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6407647&iv=4f775705-db8e-4490-97cd-6380b73a6a7a:1705795441.637368

Request Chain 375

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=24069 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=dee090ff-cec6-49a5-b0e8-6484cc65dae8 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=21a5ce20-1abd-480c-a270-4f4023c9dc0f%3A1705795441.6355371&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D21a5ce20-1abd-480c-a270-4f4023c9dc0f%253A1705795441.6355371%26pid%3D500040%26it%3D1%26iv%3D21a5ce20-1abd-480c-a270-4f4023c9dc0f%253A1705795441.6355371%26_%3D1705795441.6374905&cb=1705795441.637532 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2810035095400931258&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D21a5ce20-1abd-480c-a270-4f4023c9dc0f%253A1705795441.6355371%26pid%3D500040%26it%3D1%26iv%3D21a5ce20-1abd-480c-a270-4f4023c9dc0f%253A1705795441.6355371%26_%3D1705795441.6374905 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=21a5ce20-1abd-480c-a270-4f4023c9dc0f%3A1705795441.6355371&pid=500040&it=1&iv=21a5ce20-1abd-480c-a270-4f4023c9dc0f%3A1705795441.6355371&_=1705795441.6374905 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6374905&iv=21a5ce20-1abd-480c-a270-4f4023c9dc0f:1705795441.6355371

Request Chain 377

https://widget.angkapaito.net/result.php HTTP 301
https://wget.angkapaito.net/result.php

Request Chain 391

https://um.simpli.fi/lj_match?r=56282 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 413

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=22405 HTTP 303
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7169882469513063975 HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0 HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79 HTTP 303
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79

Request Chain 422

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=51A01705795437671B15BDFA0C3AC9B3 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01705795437671B15BDFA0C3AC9B3

Request Chain 426

https://um.simpli.fi/lj_match?r=42347 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 427

https://um.simpli.fi/lj_match?r=89772 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 436

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=52662 HTTP 303
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8fa0be99-2128-4576-ba8e-19bd665ac5d9 HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&rd=Y

Request Chain 438

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=95151 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 440

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=IBojjSZHx2VQz486REa1YP5c/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=ab64fa0e90b9b1997c07960e3f815611

Request Chain 477

https://zona-bermain.com/prediksi-cambodia HTTP 301
https://zona-bermain.com/prediksi-cambodia/

Request Chain 478

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=79770 HTTP 303
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8fa0be99-2128-4576-ba8e-19bd665ac5d9

Request Chain 482

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-h9orpaNE2pXaeEnDlp6BiyDrjnHkkOzRnn0-~A

Request Chain 483

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZaxfdAAQBIdxCQBH HTTP 302
https://ps.eyeota.net/match?uid=ZaxfdAAQBIdxCQBH&bid=0rijhbu&referrer_pid=51md42u&_test=ZaxfdAAQBIdxCQBH

Request Chain 484

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=2907085194688289057&bid=2cr76e1&referrer_pid=51md42u

Request Chain 485

https://tags.bluekai.com/site/29537?limit=1&id=280j_SntqUi5OVGUm125tWWIUATlVfMZdAIUt7R8R3sE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=SkVqUG0yb1E5OWV2UHZoaw%3D%3D HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPTQLZ_NTvLRk-1f2Z2V5Eo&google_cver=1

Request Chain 490

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://thrtle.com/sync?_reach=1&vxii_pdid=IBojjSZHx2VQz486REa1YP5c&vxii_pid=12&vxii_pid1=7002&vxii_rcid=7db4e1ff-29b3-4658-93ec-a54ac0e6cd48&vxii_rmax=1 HTTP 302
https://rtb.adentifi.com/CookieSyncThrotle

Request Chain 491

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://thrtle.com/sync?_reach=1&vxii_pdid=IBojjSZHx2VQz486REa1YP5c&vxii_pid=12&vxii_pid1=7002&vxii_rcid=8e9561b3-0dec-477b-8877-09149dad5ed5&vxii_rmax=1 HTTP 302
https://rtb.adentifi.com/CookieSyncThrotle

Request Chain 492

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://thrtle.com/sync?_reach=1&vxii_pdid=IBojjSZHx2VQz486REa1YP5c&vxii_pid=12&vxii_pid1=7002&vxii_rcid=2ac52133-392c-4b27-a2f2-d282db0ba921&vxii_rmax=1 HTTP 302
https://rtb.adentifi.com/CookieSyncThrotle

Request Chain 536

https://um.simpli.fi/lj_match?r=62028 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 538

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=15418 HTTP 303
https://x.bidswitch.net/sync?ssp=liveintent&user_id=8fa0be99-2128-4576-ba8e-19bd665ac5d9 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=8fa0be99-2128-4576-ba8e-19bd665ac5d9 HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=liveintent&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=liveintent&gdpr=0&user_id=1sAAT9WTVhnNlwUc0pZMH4aTUB3NkVgV18S5ytDe HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=6b5464a1-2869-4888-acd3-3d2426159c4f

Request Chain 540

https://zona-bermain.com/paito-warna-china HTTP 301
https://zona-bermain.com/paito-warna-china/

Request Chain 549

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=65224 HTTP 303
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9

Request Chain 550

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=98215 HTTP 303
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9

Request Chain 570

https://um.simpli.fi/lj_match?r=60114 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 615

https://zona-bermain.com/prediksi-japan HTTP 301
https://zona-bermain.com/prediksi-japan/

Request Chain 616

https://um.simpli.fi/lj_match?r=78756 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 617

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=71305 HTTP 303
https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__ HTTP 302
https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__&s=2 HTTP 302
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=1Bu4xf2XPXxbxgMBfx1h HTTP 303
https://sync.mathtag.com/sync/img?mt_exid=36&8fa0be99-2128-4576-ba8e-19bd665ac5d9

Request Chain 637

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=33628 HTTP 303
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=8fa0be99-2128-4576-ba8e-19bd665ac5d9&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=6b5464a1-2869-4888-acd3-3d2426159c4f HTTP 303
https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0 HTTP 302
https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=2907085194688289057&gdpr=0 HTTP 303
https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&liid=&_ct=im HTTP 302
https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=30803faa99724746b4e202a0eaeab930 HTTP 303
https://x.bidswitch.net/sync?dsp_id=42&user_id=

Request Chain 648

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=33303 HTTP 303
https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0 HTTP 302
https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=2907085194688289057&gdpr=0 HTTP 303
https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&liid=&_ct=im HTTP 302
https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=64a46fbb83ad4469ae1ee79e792db410 HTTP 303
https://x.bidswitch.net/sync?dsp_id=42&user_id=

Request Chain 657

https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=ab64fa0e90b9b1997c07960e3f815611&custom=&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=ab64fa0e90b9b1997c07960e3f815611&custom=&tag_format=img&tag_action=sync&final=true&reqid=98bd4940-b7f0-11ee-8ef5-8b1ef9e46e69&timestamp=2024-01-21T00%3A04%3A07.765Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=2907085194688289057&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=98c73450-b7f0-11ee-935c-cb27d312f951?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=ab64fa0e90b9b1997c07960e3f815611&tag_format=img&tag_action=sync&cb=348872348 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=98c73450-b7f0-11ee-935c-cb27d312f951&cb=1705795448348&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1705795448348 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=567b8665-1f46-4481-b3fa-010aad7783dc&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705795448348 HTTP 302
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=995c6f70-b7f0-11ee-b489-7530d5baf48f

Request Chain 658

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=ab64fa0e90b9b1997c07960e3f815611 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=ab64fa0e90b9b1997c07960e3f815611&dcc=t

Request Chain 659

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1

Request Chain 660

https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1040 HTTP 302
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5570425638240000285/gdpr=/gdpr_consent=

Request Chain 661

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A0E219F0-02B3-4137-B8CA-48C3BF25EB31&gdpr=0

Request Chain 663

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79/gdpr=0/gdpr_consent=

Request Chain 664

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=ab64fa0e90b9b1997c07960e3f815611&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D3f0e3619-356c-4f14-80e4-391e99eb1d58%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D3f0e3619-356c-4f14-80e4-391e99eb1d58%252C%25257B%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2907085194688289057&pt=3f0e3619-356c-4f14-80e4-391e99eb1d58%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D3f0e3619-356c-4f14-80e4-391e99eb1d58%2C%257B%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=3f0e3619-356c-4f14-80e4-391e99eb1d58

Request Chain 665

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=ac03efbe7dcc36e3406ab8835edc0195

Request Chain 667

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=ab64fa0e90b9b1997c07960e3f815611 HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=ab64fa0e90b9b1997c07960e3f815611

Request Chain 669

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d$ip$38.132.118.71&gdpr=0&gdpr_consent=

Request Chain 671

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-LjXgjWVE2pzjTeXOJ.XFZbPAF6apcX4yhu0-~A&gdpr=0

Request Chain 672

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553/gdpr=0

Request Chain 678

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/ab64fa0e90b9b1997c07960e3f815611/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7169882469513063975/gdpr=0

Request Chain 679

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=802876266 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2907085194688289057/gdpr=0/rand=802876266

Request Chain 680

https://x.bidswitch.net/syncd?gdpr=0&dsp_id=459&user_group=1&expires=30&user_id=${COOKIE}&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16722%26tp%3DMDAG%26tpid%3D%24%7BBSW_UID%7D%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=6b5464a1-2869-4888-acd3-3d2426159c4f&gdpr=0

Request Chain 681

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=ab64fa0e90b9b1997c07960e3f815611 HTTP 307
https://cm.mgid.com/m?c=ab64fa0e90b9b1997c07960e3f815611&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Request Chain 682

https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=b1c31223-06f0-43a1-9eea-2c3680072dd5&gdpr=0

Request Chain 684

https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=ab64fa0e90b9b1997c07960e3f815611 HTTP 302
https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=ab64fa0e90b9b1997c07960e3f815611&sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NzY0NjE1MTYxMjk3MjU1MDE4Mw== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEHAlbfQ_QkcbxBwQRToPamI&google_cver=1

Request Chain 685

https://id5-sync.com/s/19/9.gif?puid=ab64fa0e90b9b1997c07960e3f815611&gdpr=0 HTTP 302
https://id5-sync.com/c/19/19/9/1.gif?puid=ab64fa0e90b9b1997c07960e3f815611&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&ttl=%%TTL%% HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/2/7/3.gif?puid=2907085194688289057&gdpr=0&gdpr_consent= HTTP 302
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F6%2F4.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/19/136/6/4.gif?puid=ZaxfdAAQBIdxCQBH&gdpr=0&gdpr_consent= HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-bd8bVoH2197rv4p9zkl0akP92SyyEwK3fQnLYWYxwg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F5%2F5.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/19/224/5/5.gif?puid=7169882469513063975&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=0/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F4%2F6.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://tags.bluekai.com/site/5907?limit=0&id=7c1513a17521832612a6a3f382314840&redir=https://id5-sync.com/c/19/321/4/6.gif?puid=$_BK_UUID&gdpr=0&gdpr_consent=&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/19/321/4/6.gif?puid=A0oPmthX99OXuvhk HTTP 302
https://sync.sharethis.com/id5?uid=ID5-bd8bVoH2197rv4p9zkl0akP92SyyEwK3fQnLYWYxwg&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F3%2F7%2Fgif%2F0%2F0%2F0%2F0%2F HTTP 302
https://id5-sync.com/a/19/121/3/7/gif/0/0/0/0/ZGgABWWsX20AAAAIA2FBAw== HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0&gdpr_consent=&id5=ID5-bd8bVoH2197rv4p9zkl0akP92SyyEwK3fQnLYWYxwg HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79/gdpr=0/gdpr_consent=

Request Chain 686

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5979%26tp%3DADWZ%26tpid%3D%24%7BUID%7D%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=959c865af95602501fce450bb00c5df5&gdpr=0

Request Chain 690

https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=4a04df44-9265-4066-9330-e9bc96d5657e&gdpr=0

Request Chain 692

https://pool.admedo.com/aa/j9fmpan1dspyp6ogch79 HTTP 302
https://pool.admedo.com/ul_cb/aa/j9fmpan1dspyp6ogch79 HTTP 302
https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=d5fe2fd0-f00b-4636-a65d-dd80f91f0fc9

Request Chain 695

https://pixel.onaudience.com/?mapped=ab64fa0e90b9b1997c07960e3f815611&partner=104&gdpr=0 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=252&mapped=y-LoM7gTJE2pRajTQv0FVGzMoQsD_RHDac2A--~A&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b426b577e76f6dfa/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=ab64fa0e90b9b1997c07960e3f815611&gdpr=0 HTTP 302
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m HTTP 302
https://stags.bluekai.com/site/52799?id=d30512183e3cb4f9 HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI HTTP 302
https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI HTTP 302
https://tags.bluekai.com/site/19505?id=y-7aIzTO9E2pJpG07yiZUjqkX5jDIV0H.SXk4-~A

Request Chain 696

https://jadserve.postrelease.com/dmp/5?vk=ab64fa0e90b9b1997c07960e3f815611/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=66f09bc1-42b4-43b1-b8b5-76e48d490be3/gdpr=0

Request Chain 697

https://aorta.clickagy.com/pixel.gif?ch=120&cm=ab64fa0e90b9b1997c07960e3f815611 HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=ZaxfeEVKSrjcZqDV_b_SZQN1 HTTP 307
https://aorta.clickagy.com/pixel.gif?ch=114&cm=37cba886f9ea8d1917c434b66c050d9d592e80d24983ccec7c62e262ba0fc63225abae5358c0e7bc HTTP 302
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537073026%2526val%253D%257Bvisitor_id%257D HTTP 302
https://aorta.clickagy.com/pixel.gif?ch=4&cm=93681a69-b85b-4b62-99d2-211d28ea025f&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaxfeEVKSrjcZqDV_b_SZQN1

Request Chain 698

https://x01.aidata.io/0.gif?pid=LOTAME&id=ab64fa0e90b9b1997c07960e3f815611&gdpr=0 HTTP 302
https://x01.aidata.io/0.gif?pid=LOTAME&id=ab64fa0e90b9b1997c07960e3f815611&gdpr=0&bounce=1

Request Chain 699

https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213390604768000039233&gdpr=0&gdpr_consent=

Request Chain 700

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaxfdAAQBIdxCQBH/gdpr=0

Request Chain 702

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=808919575 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2907085194688289057/gdpr=0/rand=808919575

Request Chain 734

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=28082 HTTP 303
https://match.prod.bidr.io/cookie-sync/liveintent HTTP 303
https://match.prod.bidr.io/cookie-sync/liveintent?_bee_ppp=1 HTTP 303
https://i.liadm.com/s/62491?bidder_uuid=AAFEr07LWL8AABJZFwI98A&bidder_id=237139 HTTP 303
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D HTTP 302
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553 HTTP 303
https://aa.agkn.com/adscores/g.pixel?sid=9212291498&_puid=8fa0be99-2128-4576-ba8e-19bd665ac5d9 HTTP 302
https://i.liadm.com/s/35637?bidder_id=100905&bidder_uuid=213390604768000039233 HTTP 303
https://s.thebrighttag.com/csx?tp=1YJNAYe

Request Chain 735

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://sync.srv.stackadapt.com/sync?nid=throtle HTTP 302
https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1705795448

Request Chain 762

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://match.prod.bidr.io/cookie-sync/throtle HTTP 303
https://match.prod.bidr.io/cookie-sync/throtle?_bee_ppp=1 HTTP 303
https://thrtle.com/sync?vxii_pdid=AAFEr07LWL8AABJZFwI98A&vxii_pid=5037&_t=1705795448.5601714

Request Chain 763

https://um.simpli.fi/lj_match?r=16660 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 771

https://zona-bermain.com/prediksi-taiwan HTTP 301
https://zona-bermain.com/prediksi-taiwan/

Request Chain 783

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=36798 HTTP 303
https://s.thebrighttag.com/csx?tp=1YJNAYe

Request Chain 789

https://um.simpli.fi/lj_match?r=36593 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 804

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=17462 HTTP 303
https://loadus.exelator.com/load/?p=204&g=661&j=0

Request Chain 807

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=95705 HTTP 303
https://loadus.exelator.com/load/?p=204&g=661&j=0

Request Chain 831

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=15553 HTTP 303
https://sync.crwdcntrl.net/qmap?c=12611&tp=LVIN&gdpr=0&d=https://i.liadm.com/s/41715?bidder_id%3D127211&bidder_uuid=$%7Bprofile_id%7D HTTP 302
https://i.liadm.com/s/41715?bidder_id=127211

Request Chain 839

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01CH0ZM0TGKTWGX4FTB1AQA71H&userid=7db4e1ff-29b3-4658-93ec-a54ac0e6cd48 HTTP 302
https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=51F3056B8EF2114EAF42108B90F46397

Request Chain 853

https://zona-bermain.com/generate-bbfs HTTP 301
https://zona-bermain.com/generate-bbfs/

Request Chain 870

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=7db4e1ff-29b3-4658-93ec-a54ac0e6cd48 HTTP 302
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79

Request Chain 872

https://um.simpli.fi/lj_match?r=11540 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 873

https://um.simpli.fi/lj_match?r=62676 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 887

https://um.simpli.fi/lj_match?r=71217 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 921

https://um.simpli.fi/lj_match?r=50115 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 944

https://zona-bermain.com/live-china HTTP 301
https://zona-bermain.com/live-china/

Request Chain 951

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=THROTLE HTTP 302
https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE HTTP 302
https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-lzxAIbNE2oT7VWT5C0g.O0B07MeVhuxvE5VKtg--~A

Request Chain 952

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=THROTLE HTTP 302
https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE HTTP 302
https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-lzxAIbNE2oT7VWT5C0g.O0B07MeVhuxvE5VKtg--~A HTTP 302
https://pixel-sync.sitescout.com/connectors/throtle/usersync?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D14%26_t%3D1705795452 HTTP 302
https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553&vxii_ts=14&_t=1705795452

Request Chain 960

https://um.simpli.fi/lj_match?r=57840 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 961

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://pixel-sync.sitescout.com/connectors/throtle/usersync?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D14%26_t%3D1705795452%26_reach%3D1 HTTP 302
https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553&vxii_ts=14&_t=1705795452&_reach=1

Request Chain 970

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://sync.crwdcntrl.net/map/c=10835/tp=ALCT/tpid=/gdpr=0/gdpr_consent=?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5003%26vxii_pdid%3D%24%7Bprofile_id%7D%26vxii_ts%3D16%26_t%3D1705795452%26_reach%3D1 HTTP 302
https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=ab64fa0e90b9b1997c07960e3f815611&vxii_ts=16&_t=1705795452&_reach=1

Request Chain 1006

https://um.simpli.fi/lj_match?r=37396 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1018

https://zona-bermain.com/live-sydney HTTP 301
https://zona-bermain.com/live-sydney/

Request Chain 1025

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1 HTTP 302
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=9c335d30-b7f0-11ee-ab35-159b86e69bdf

Request Chain 1030

https://um.simpli.fi/lj_match?r=17151 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1048

https://um.simpli.fi/lj_match?r=53193 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1049

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://loadm.exelator.com/load/?p=204&g=1133&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=1133&j=0&xl8blockcheck=1 HTTP 302
https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=561b135810ef8614dae49e16cd8ed3c1

Request Chain 1097

https://zona-bermain.com/jalur-shio HTTP 301
https://zona-bermain.com/jalur-shio/

Request Chain 1113

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://a.tribalfusion.com/i.match?p=b31&redirect=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5042%26vxii_pdid%3D%24TF_USER_ID_ENC%24%26vxii_ts%3D22%26_t%3D1705795455%26_reach%3D1&u=7db4e1ff-29b3-4658-93ec-a54ac0e6cd48 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b31&redirect=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5042%26vxii_pdid%3D%24TF_USER_ID_ENC%24%26vxii_ts%3D22%26_t%3D1705795455%26_reach%3D1&u=7db4e1ff-29b3-4658-93ec-a54ac0e6cd48 HTTP 302
https://thrtle.com/sync?vxii_pid=5042&vxii_pdid=18072662068712545955&vxii_ts=22&_t=1705795455&_reach=1

Request Chain 1131

https://um.simpli.fi/lj_match?r=41504 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1137

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://pm.w55c.net/ping_match.gif?rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1705795455%26_reach%3D1&st=THROTLE HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1705795455%26_reach%3D1&st=THROTLE HTTP 302
https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=v21ecxEE1RrljV5&vxii_ts=24&_t=1705795455&_reach=1&st=THROTLE

Request Chain 1178

https://um.simpli.fi/lj_match?r=91489 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1205

https://zona-bermain.com/paito-warna-hongkong HTTP 301
https://zona-bermain.com/paito-warna-hongkong/

Request Chain 1218

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5006%26vxii_pdid%3D%24UID%26vxii_ts%3D26%26_t%3D1705795456%26_reach%3D1 HTTP 302
https://thrtle.com/sync?vxii_pid=5006&vxii_pdid=2907085194688289057&vxii_ts=26&_t=1705795456&_reach=1

Request Chain 1219

https://um.simpli.fi/lj_match?r=65469 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1231

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://i.liadm.com/s/56290?bidder_id=199768&bidder_uuid=7db4e1ff-29b3-4658-93ec-a54ac0e6cd48 HTTP 303
https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&_t=1705795457

Request Chain 1252

https://um.simpli.fi/lj_match?r=66265 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1286

https://zona-bermain.com/generate-bbfs HTTP 301
https://zona-bermain.com/generate-bbfs/

Request Chain 1296

https://um.simpli.fi/lj_match?r=29943 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1297

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c HTTP 302
https://sync-tm.everesttech.net/upi/pid/EhuOE4dM?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5032%26vxii_pdid%3D%24%7BTM_USER_ID%7D%26vxii_ts%3D30%26_reach%3D1 HTTP 302
https://thrtle.com/sync?vxii_pid=5032&vxii_pdid=ZaxfdAAQBIdxCQBH&vxii_ts=30&_reach=1

Request Chain 1306

https://um.simpli.fi/lj_match?r=87105 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1312

https://um.simpli.fi/lj_match?r=60636 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1344

https://um.simpli.fi/lj_match?r=47128 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1381

https://zona-bermain.com/generator-line-angka HTTP 301
https://zona-bermain.com/generator-line-angka/

Request Chain 1385

https://um.simpli.fi/lj_match?r=33750 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1446

https://um.simpli.fi/lj_match?r=92611 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1454

https://zona-bermain.com/kalender-togel HTTP 301
https://zona-bermain.com/kalender-togel/

Request Chain 1470

https://um.simpli.fi/lj_match?r=38145 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1519

https://zona-bermain.com/paito-warna-taiwan HTTP 301
https://zona-bermain.com/paito-warna-taiwan/

Request Chain 1524

https://um.simpli.fi/lj_match?r=89416 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1549

https://um.simpli.fi/lj_match?r=46290 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1579

https://um.simpli.fi/lj_match?r=40868 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1600

https://zona-bermain.com/paito-warna-japan HTTP 301
https://zona-bermain.com/paito-warna-japan/

Request Chain 1615

https://um.simpli.fi/lj_match?r=82778 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1642

https://um.simpli.fi/lj_match?r=55239 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1678

https://zona-bermain.com/rekap-angka-ct HTTP 301
https://zona-bermain.com/rekap-angka-ct/

Request Chain 1690

https://um.simpli.fi/lj_match?r=92049 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1741

https://um.simpli.fi/lj_match?r=61016 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

Request Chain 1758

https://zona-bermain.com/live-sydney HTTP 301
https://zona-bermain.com/live-sydney/

1765 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sky.pasukanantidepo.shop/ 49 KB
12 KB 1268ms
1157ms Document
text/html 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 6fb9b8cebbbfef320e8e27c8fb3e2d2020196dd03d626f45c28209c76fab311a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4bf8ccb3747a-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:03:55 GMT
link: <https://sky.pasukanantidepo.shop/wp-json/>; rel="https://api.w.org/" <https://sky.pasukanantidepo.shop/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://sky.pasukanantidepo.shop/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHAuMA4xM55LNfzmcID705vU7IHC4%2BHRjVn27S1SL6O7vADz8yQk75cEHl23HnC06iukj22xtkXjRvavvmqj%2Bv9rfUIb9Qw0X3BewR4cyA%2F5g5xo5Nji8U7hqISAavyo9DCD9W2T2XqAch%2BfQUMvTx4fOJrVQRI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
sky.pasukanantidepo.shop/wp-includes/css/dist/block-library/ 107 KB
15 KB 890ms
887ms Stylesheet
text/css 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xw7lUj8qvGTORhnlRean%2BSiQvT4XCD49R8T4gUFkOuIt5CppIcagasWv%2BHdmuPxVBQmUEfkA2FX4f%2B7aCjfTIkJ9mX5WuH2iSrTCjJJrsEVtWr5qGd3zQSRpzKgKjqWdk3lVErubti8fw6KBx649W9jVMd%2BJPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c001937747a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:55 GMT

GET
H2 200 sidebar-login.css
sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/ 2 KB
697 B 611ms
609ms Stylesheet
text/css 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1688220023
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MAeqYgPZ9wEc8%2FydZYG7glURJWsHEgf6RASEtw2UEJjQRM45LT8q%2BRQAKyLtPP4Kt9%2BsCKe%2FQRDDCq1ZCCXI7U6gNoF0hSRup2BULH0B4tvKCCpP20X7ewp7U5T%2FHoEkaB04XJMT%2BvSuLM5Vzy8rhwM%2BrESXu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c001939747a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:55 GMT

GET
H2 200 style.css
sky.pasukanantidepo.shop/wp-content/themes/asteroid/ 28 KB
8 KB 613ms
612ms Stylesheet
text/css 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 09:04:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BDymQpC87YHLxZxBf7J4bjUKbVBl28mUhUkvYhNr1AWAKQvm3B55H4jw2VxW3YNJXuW5o8MAUIusomXfIArdGXkvW2%2Fv%2FyjXhY4mSLVAUMljD71%2FcxXh4PWh3dgMQD22kdUaZLOOmckCASu2Y9KItYbUwBqaSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c00193b747a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:55 GMT

GET
H2 200 jquery.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/jquery/ 86 KB
31 KB 885ms
884ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:06:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BziZcaXoDHYMe4CuOCzzoeA8S1iU11U1SnBwdQjGjZ8iup76UQSIbEB5A7lpUZWWtNMU7NCJuOvNrg3kQ4DGNCBRs88YYEmod3E4IOmhc%2BvErJygPZK2XmdU9QjeMU0n6EoRVLCb4w6uCl4Tky1ABFnqLXipd1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c00193d747a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/jquery/ 13 KB
5 KB 607ms
607ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Aug 2023 21:06:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8z7a%2Fw4IoYC%2FESWK1jKT4D0nDoSrjvASa%2FQTcRPTIGgjM7QdttzTGQ940yi3ig1WBzLAwlaGtXX6EqAFxRDYZR%2B3ciQvShWExf4p9BP58U8yXvuI9ctzSaYBvviPT7m3W8vNd%2F1%2BVZJDFotc9qtPnnPbQBSzKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c001940747a-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:55 GMT

GET
H2

200

/
bolo.treksantuy.xyz/
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

1092ms
1058ms

Image
text/html

2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sun, 21 Jan 2024 00:03:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3O6zMvrK%2BfSKBmydqWTi3Vk80MHKXkCcxX6Gqvxj8siIAbZYzuc7QNCgCastPvzS8C%2F01ad8tcbYbR19Lao1a9KttBo2D7iMhXKFbtnSyugWcuNnrsFCQ2Fvk5y6bwkARUTngzmVYoixODvCVViCsw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 848b4c00ff531283-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Jan 2024 01:03:55 GMT

GET
H2 200 hknalo-729x90-1.gif
antoboomerblog.files.wordpress.com/2023/10/ 105 KB
106 KB 125ms
33ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/hknalo-729x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 12:50:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 107905
expires: Sat, 17 Feb 2024 16:16:44 GMT

GET
H2 200 new-bandarnalo.gif
antoboomerblog.files.wordpress.com/2023/10/ 100 KB
101 KB 34ms
33ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/new-bandarnalo.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fffe2bbb1e6c64b3540176029b620af1fcbbc30861c94299b895760b80cd7357

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:37:19 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 102622
expires: Mon, 05 Feb 2024 20:52:18 GMT

GET
H2 200 paitowarna.gif
antoboomerblog.files.wordpress.com/2023/10/ 156 KB
156 KB 34ms
34ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/paitowarna.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a68e4e1e0faf5cec1082b25b95f4d820985fda95177b826e7c16a70f5afae19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:35:44 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 159643
expires: Sun, 21 Jan 2024 06:39:22 GMT

GET
H3 200 729x90-animated-1.gif
antoboomerblog.files.wordpress.com/2023/10/ 327 KB
327 KB 35ms
34ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90-animated-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e3778a72114f13a5b18b9d25df758bfbf0d55bf442ba5c9007b96593d959b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Oct 2023 12:16:32 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335048
expires: Sat, 17 Feb 2024 06:28:12 GMT

GET
H3 200 729x90_agennalo.gif
antoboomerblog.files.wordpress.com/2023/10/ 327 KB
327 KB 35ms
34ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90_agennalo.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f017d1630a163790465f348b29d4721facb1d4353e695dd730b869e28e4bcd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 19:28:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 334612
expires: Sun, 18 Feb 2024 07:31:59 GMT

GET
H3 200 unnamed-10.gif
antoboomerblog.files.wordpress.com/2023/11/ 270 KB
270 KB 35ms
35ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-10.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:31:01 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 276544
expires: Sat, 03 Feb 2024 11:11:36 GMT

GET
H3 200 unnamed-11.gif
antoboomerblog.files.wordpress.com/2023/11/ 247 KB
247 KB 94ms
94ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-11.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:32:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 252743
expires: Sun, 11 Feb 2024 14:05:02 GMT

GET
H3 200 unnamed-12.gif
antoboomerblog.files.wordpress.com/2023/11/ 282 KB
283 KB 115ms
115ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-12.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:33:50 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 289127
expires: Fri, 16 Feb 2024 22:13:10 GMT

GET
H3 200 unnamed-13.gif
antoboomerblog.files.wordpress.com/2023/11/ 514 KB
514 KB 131ms
130ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-13.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:34:55 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 526000
expires: Sun, 11 Feb 2024 01:50:47 GMT

GET
H3 200 unnamed-14.gif
antoboomerblog.files.wordpress.com/2023/11/ 291 KB
291 KB 142ms
141ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-14.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:35:54 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 297540
expires: Tue, 06 Feb 2024 19:30:34 GMT

GET
H3 200 unnamed-9.gif
antoboomerblog.files.wordpress.com/2023/11/ 194 KB
194 KB 151ms
151ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-9.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:27:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 198395
expires: Mon, 12 Feb 2024 22:33:45 GMT

GET
H3 200 unnamed-15.gif
antoboomerblog.files.wordpress.com/2023/11/ 388 KB
388 KB 169ms
168ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-15.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:37:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 396918
expires: Tue, 06 Feb 2024 18:52:34 GMT

GET
H3 200 unnamed-16.gif
antoboomerblog.files.wordpress.com/2023/11/ 326 KB
326 KB 175ms
175ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-16.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:39:46 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 333383
expires: Sat, 03 Feb 2024 01:45:14 GMT

GET
H3 200 unnamed-17.gif
antoboomerblog.files.wordpress.com/2023/11/ 312 KB
312 KB 183ms
182ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-17.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:41:12 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 319266
expires: Wed, 07 Feb 2024 01:41:58 GMT

GET
H3 200 unnamed-18.gif
antoboomerblog.files.wordpress.com/2023/11/ 188 KB
188 KB 184ms
183ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-18.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:42:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192555
expires: Wed, 24 Jan 2024 21:46:19 GMT

GET
H3 200 unnamed-19.gif
antoboomerblog.files.wordpress.com/2023/11/ 280 KB
281 KB 198ms
198ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-19.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:43:23 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 286968
expires: Sat, 03 Feb 2024 06:43:58 GMT

GET
H3 200 unnamed-20.gif
antoboomerblog.files.wordpress.com/2023/11/ 351 KB
352 KB 211ms
210ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-20.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:44:24 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 359746
expires: Wed, 14 Feb 2024 04:16:09 GMT

GET
H3 200 unnamed-21.gif
antoboomerblog.files.wordpress.com/2023/11/ 265 KB
265 KB 224ms
218ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-21.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:45:42 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 271048
expires: Wed, 21 Feb 2024 00:38:41 GMT

GET
BLOB 200
OK 1f0f2524-8b1e-4d50-bef0-663e94cfde7d
https://sky.pasukanantidepo.shop/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sky.pasukanantidepo.shop/1f0f2524-8b1e-4d50-bef0-663e94cfde7d
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 pasukan-anti-depo.png
sky.pasukanantidepo.shop/wp-content/uploads/2023/06/ 736 KB
737 KB 1160ms
1158ms Image
image/png 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sky.pasukanantidepo.shop/wp-content/uploads/2023/06/pasukan-anti-depo.png
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95cf5e4b3f56fa2d8aae7f6196f6cadb653b68b19520048c75a91ad12d6203df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 11:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7icvXSskx%2BH53r7vNfyV23nHJ8MVEevx%2FpcjjVBb7DEM%2FSC41hgmeEN3S%2FMqT02yOTqNqpimy3oCe6rV5FxRthxc6wjYT23F4Xedc7Avrj6fMYPi1ZR%2FoTjUNcs6SMGloB0PtkcwVMqAGvhhZvlVavyxou3KRgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 848b4c05ec1b5c5f-MIA
alt-svc: h3=":443"; ma=86400
content-length: 754054
expires: Sun, 28 Jan 2024 00:03:56 GMT

GET
H/1.1 200
OK 4660281.gif
s4is.histats.com/stats/i/ 1 KB
1 KB 247ms
71ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4660281.gif?4660281&103
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: d9a92ee857d641345fcf38d17aca905cc0fc9355d9d13d76ff60e999acee449e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:56 GMT
Connection: close
ETag: -1561304774
Content-Length: 1354
Content-Type: image/png

GET
H3 200 wlatogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 2 MB
2 MB 250ms
249ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/wlatogel88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

574c654adc51059882c66279ee0d42eb585735d5a2bc8cb010f1e91eb04e483f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1592720
expires: Tue, 27 Feb 2024 02:39:36 GMT

GET
H3 200 kaisartoto88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 1 MB
1 MB 221ms
220ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/kaisartoto88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

217bcf44778fff8fe41a593c79e0c86edd524460f7618f12e132566d17fd5b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:51 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1415984
expires: Thu, 15 Feb 2024 03:37:55 GMT

GET
H3 200 indolottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 1 MB
1 MB 220ms
218ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indolottery88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a67688ddcf966aaf218b1f154d3830ad065e23ef063d71b4f96436ab9a717a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1417070
expires: Tue, 27 Feb 2024 00:44:14 GMT

GET
H3 200 dunialottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 997 KB
998 KB 222ms
221ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/dunialottery88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fa7337e4bc30dd3db3861c272a32f98911b0bbf1a60557e0f124ba2713f35fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:57 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1021153
expires: Fri, 23 Feb 2024 22:10:23 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ 5 MB
5 MB 238ms
237ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H2 200 close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ 2 KB
3 KB 254ms
86ms Image
image/gif 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
server: fife
etag: "v744"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:03:56 GMT

GET
H3 200 indoboss6d728x90.gif
antoboomerblog.files.wordpress.com/2024/01/ 2 MB
2 MB 253ms
252ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indoboss6d728x90.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

776bf55e5c196430c0d9bb394fdc8a37ea7a55b6e3044ae8c0815d4a3bcc542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2431527
expires: Fri, 09 Feb 2024 02:21:29 GMT

GET
H3 200 microtogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ 2 MB
2 MB 263ms
262ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/microtogel88-728x90-1.gif

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3e6701810a770c2cdb7710c43056f6c2422cf8c30653dd1ab209bcff5a4548e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2505021
expires: Mon, 12 Feb 2024 04:46:55 GMT

GET
H3 200 email-decode.min.js Show response
sky.pasukanantidepo.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 38ms
37ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.pasukanantidepo.shop/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 17:29:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65983c8b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LVcL9DaPyM7edSq5XzHC101RH3UdVgPYUwKWnP09O7fqNpziw3wyVEzzLaEmk2b7uHSPj5VWdU309eUb4bUMy7n0sE8ftfuHzToRmMZijg0eZ9d6b5ebzXW5H9PA1w%2BwbZZ%2FuJHkVODVnV4PLR96pQxpWj3XH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 848b4c03e8675c5f-MIA
expires: Tue, 23 Jan 2024 00:03:56 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/ 8 KB
3 KB 45ms
45ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 23:16:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27128
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lojh0Jz7gZqNtWdlgHkOXDZlC%2Br0lwoQp7E54IgUsEajdiuOb08A%2FEIG%2Bo3EOASDvsnwWeSrsCk%2B4HPPEorV%2FzqIlPbkoj05dT7VLUtlGowW5CilOy7E0SoxRmYiL%2BD0G%2F87JHfEhRY0o2GBk22V8%2FKmW0BRorI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0428df5c5f-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 16:31:47 GMT

GET
H3 200 regenerator-runtime.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/ 6 KB
3 KB 45ms
45ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27128
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1vlY5Z%2FZ3MS5jEsiZEtY1V6An1S8eBx6BC%2F3p8ewLvmz4LV1D3Tx87F1yFmaawUtGc3SUI7txrMMMx%2BzgwTjR9wtaYXdTuBdyPrd%2BEX4Zs5EjLkSo1XxP9MAnG06OgvN%2F%2BuUh3CacpqBnsKKjcFzdzIbM%2B7fz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0469a85c5f-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 16:31:47 GMT

GET
H3 200 wp-polyfill.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/ 112 KB
36 KB 47ms
46ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27126
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49ViRP1NvCbrJml%2FLWUK4YdXniiGx3qdtt6QpGok%2FbGZvvl8OT9R3t%2F0dP4aHMbQGsdPJ28pjlQZf311m%2FPzkiJWXmx3qSWT4qchoIe3m2pKzsrfhZQALrvlvDWQgGgj%2B5Uj6iZYH6lVdGxlk%2B57q1z29imBe%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c04ba295c5f-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 16:31:49 GMT

GET
H3 200 frontend.js Show response
sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/ 4 KB
2 KB 43ms
43ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27127
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ek8M38H2U4Ai4X4YKlQs9d6%2FSE%2FZdXLSm5cyjilfjofIZJmW3BaZ8uft6pjoBnIrc6AfPINldGxr8TA6h4Ysk2T3x5EcDrkvMMrNqCDLhosbWBwDgDMXSPELdLVftF1g68XQPpqQvpZbj3qh3Ek71%2BTpMKV7r2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c058b735c5f-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 16:31:48 GMT

GET
H2

200

/ Show response
bolo.treksantuy.xyz/ Frame DEC6
Redirect Chain

https://treksantuy.tech/
https://bolo.treksantuy.xyz/

61 KB
15 KB

1109ms
1108ms

Document
text/html

2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5e38f16daac0a0e91bc5a45172eb85bb00d213e02f69507218cb370ccd109c05

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c076d331283-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:03:57 GMT
link: <https://bolo.treksantuy.xyz/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tk4HS53ZzvAXD9mBy0notdI6yomdjBzW86oCNr8F8gG8xRudx3v%2FIr0M1YD2b10zmjEb7DK7DTCG2G7ksjXncCaz%2FYLLiUYWasnh0FoonAJ7tnnRywFD83jG9sbj93rMmh0AFqWNZ%2BPlB0m3bqNPFkJI"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 848b4c071e926dd4-MIA
date: Sun, 21 Jan 2024 00:03:56 GMT
expires: Sun, 21 Jan 2024 01:03:56 GMT
location: https://bolo.treksantuy.xyz
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2F87md2jwCt%2Fc7v%2B0WJnJZ%2FAMAIDmxSYdozlRb%2FPU29T8Bodbxls%2BUkEVb%2FRoCHpEkapsxF4u%2FdIFcdljAZ6eXS883ll4I1X2hX4cERFZqwVUORptxJE%2BY%2Bb%2B9WhEWpClPMwJ2HiEwlnFZWIY%2B4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

result.php Show response
wget.angkapaito.net/ Frame 81C7
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
818 B

158ms
131ms

Document
text/html

2606:4700:3037::ac43:b044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ba7b41090aabbe09b55d93951cc7f37e685bf5d27fd3283e73d3e8fcf5bab3

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c094cbc09b2-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zm2OU5E0j061IqNSDwIiLjkhVpo0MVSUdb0ZjDJjc2dH4hSgi%2FGwfveEBnb3F53wC3EfVc73sgIdzp1ntpZWpeCcCg95RbyGxM0eYVOiArF3cfG2JVoUURQF24JiWOYEGFCAoZC6nxmpgIXlxMbAehrX"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c0768b109b2-MIA
content-type: text/html
date: Sun, 21 Jan 2024 00:03:56 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pI2JvnP%2Bl7JhJHwa3fX3ZDxBlorjGICW%2BckV5NndGdqvAURxYKgEEDfC1TiWw5piP5FX%2FG1g9II7AXFjqjCsDdO%2F%2BvGemGbnmCoE2x%2BtdQIuMJlhw48GDJ0sgn5VbElYYmKjVYvMYyr%2Bkb0OtOHXIKMsS4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 165ms
52ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39471
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c06ade2d9d5-MIA
content-length: 4547

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
king.laskar2d.xyz/ Frame CDDB 47 KB
11 KB 1277ms
1136ms Document
text/html 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c85a6709dc39f549e4a522f61e2029a73c42a13c8f7aad181e2a60f57f9574e0

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c0759bdda73-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:03:57 GMT
link: <https://king.laskar2d.xyz/wp-json/>; rel="https://api.w.org/" <https://king.laskar2d.xyz/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://king.laskar2d.xyz/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJVIe6BEiC7mLDYxNTC9pg753cFzQludRnyfl0OnCSHgPQEt4asto6jWDLFDZQcwQ3n0dwNbyXfSo9XtyPgK3uslDGZiGWVYg3jjbUrFrOBI7H60dUBIHS3iOoJP%2FhatY1PtZw4lMRahoPm7P5Vrkg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H3 200 wp-emoji-release.min.js Show response
sky.pasukanantidepo.shop/wp-includes/js/ 18 KB
5 KB 616ms
601ms Script
application/javascript 2606:4700:3034::ac43:9ed3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sky.pasukanantidepo.shop/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Feb 2023 12:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Npc8QCMsh6cx4YrhBFIqsjIRr7ftW5d2jrtEUObDyis5xJHYrRdvCWmxrkAavXjHJcXVfGS25ntoE9rIE2JNa3KaGDXfbhOKb5t61YRmVwtRpD4Vstr2i7fuxJ3zyBnfFycPu%2FzQeVIfemrsybsBUwRb18HPbtE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c069d475c5f-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:56 GMT

GET
H/1.1 200
OK 4660281.php Show response
s4.histats.com/stats/ 434 B
569 B 414ms
71ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4660281.php?4660281&@f16&@g1&@h1&@i1&@j1705795436621&@k0&@l1&@mPASUKAN%20ANTI%20DEPO%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@o1000&@q0&@r0&@s3026&@ten-US&@u1600&@b1:-186873144&@b3:1705795437&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 219ea13c5b799ae4cc99cb6f7a00f855e51094dd5e1fb2c4b77510406d74e052

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:57 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_3026.js Show response
s10.histats.com/counters/ 18 KB
8 KB 59ms
54ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3026.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8084ba0a6b770ebad7c2008062cce2addda48238bae32f6b720766072ed2937b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 79486
etag: "-935802188"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c09cac3d9d5-MIA
content-length: 7812

GET
H2 200 / Show response
e.dtscout.com/e/ 7 KB
4 KB 353ms
254ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4660281.php?4660281&@f16&@g1&@h1&@i1&@j1705795436621&@k0&@l1&@mPASUKAN%20ANTI%20DEPO%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@o1000&@q0&@r0&@s3026&@ten-US&@u1600&@b1:-186873144&@b3:1705795437&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa778d80dc657014fdfefa5ee91700d7661df2064836430d14bc13345108b21

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
x-t: 0.264
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVPNxP%2BeG2Oy81LtTPPwbF%2F7SwVMh637NUIFZOcoRp5hITKCKefNNhyv0%2FN4sYCm%2Fc2LK%2FRhPfbf3nQv1KfDNfG8Fw5wIutjoEaAhMrqNlYxixMe4ChgaNK7xCC5iFBQYdn03luDSlugrqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c0a4ce16dc2-MIA
expires: Sun, 21 Jan 2024 00:03:56 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 943c6368a5480cf4d817121a274cfee0d86b65414ac092b208bd2f256bfac2d5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame CA20 1 KB
752 B 264ms
262ms Document
text/html 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A01705795437671B15BDFA0C3AC9B3
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 681841eebf9baa61026283e6217a4a9e09aa99c0758a9751d06c7321d95181ba

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 848b4c0cd8256dc2-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:03:57 GMT
expires: Sun, 21 Jan 2024 00:03:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFTcDqJ55wSXuUoQAQ8fNiCUm3glDao5HghUH1I4je9kX6udwmpVdqQrwyYtQE3GwBylHCsDaZhsu8LKGm1zK8XytIqzxxGe5f7TIA2YW2lm4SbOqZHu222wnyVtbqtATe7VBq65%2BownTCE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 33 KB
11 KB 243ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38438
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: T0KD1H9kCRgSSQE4eefiqoCcqZpB5sv-_e_gEMG668_PPrCvxNfRag==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ 2 KB
3 KB 298ms
70ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 19 KB
6 KB 201ms
50ms Script
application/javascript 172.64.153.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.153.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 15:09:06 GMT
server: cloudflare
age: 213876
etag: W/"651ed192-4c00"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 848b4c0cf8c567ba-MIA
expires: Wed, 24 Jan 2024 00:03:57 GMT

GET
H2 200 / Show response
t.dtscout.com/pv/ 51 B
346 B 262ms
256ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=sky.pasukanantidepo.shop&_ss=32bhiyo63x&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=23u7&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd79ae07d75cd51ad13e70f96b2c69d2b6c3b5e9fcb91296b9dd7b6694fabaf3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
x-t: 0.376
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fb9%2FD8et5G4JwL57B1tf24MT7qIIjPb%2BfH6n3IB%2BJ5pqJ6n6Z8d8DHnE14Ukt7fpILKCqwJEp8Dt49%2BOM3P9sTwjbBVLo21VNtmiz9mjNxDgGYwobNyEQf2WvKraa%2BdbqLd5cuLyP%2FPjb2c%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c0c1f476dc2-MIA
expires: Sun, 21 Jan 2024 00:03:56 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 50 B
459 B 264ms
108ms Fetch
application/json 18.173.132.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-31.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
via: 1.1 e811c1e9e6ed756b98bfcf15c74f6bea.cloudfront.net (CloudFront), 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, JFK52-P2
x-amzn-requestid: 158d9924-84dd-4da4-8b58-d9198d853a41
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: R3PZNFvFCYcEkuA=
content-length: 50
x-amz-cf-id: gKZm9PMwzQqOawhEI4AxbkMZBLxeKoOlMzrKhQCF5MExS5MrXXZAAg==

GET
H2 200 p
ic.tynt.com/b/ 35 B
648 B 222ms
66ms Image
image/gif 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1705795437688&dn=AFWU&iso=0&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&t=PASUKAN%20ANTI%20DEPO%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&chmob=0
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
last-modified: Fri, 16 Apr 2010 15:38:20 GMT
server: nginx/1.16.1
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
etag: "4bc8846c-23"
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges: bytes
content-length: 35
expires: "Sat, 26 Jul 1997 05:00:00 GMT"

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ 2 KB
2 KB 326ms
69ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8959670569364908&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:03:58 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ 42 B
265 B 69ms
67ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&event_source=dtscout&rnd=0.8959670569364908&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:57 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 style.min.css
bolo.treksantuy.xyz/wp-includes/css/dist/block-library/ Frame DEC6 107 KB
15 KB 94ms
74ms Stylesheet
text/css 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 23:50:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 79576
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cw71mab%2F3gTof%2BjRQjfECzzpnpFYNTogOdrUTvxjuLedjBTbwZ4gvodMelL677g%2FBEOLWF1G55yQu7el2iEIA1AmmfymsjHG8VNJn3qxRDdFPY9nEvPvKGt66Mc7L%2ByjTiGIwlrC3%2BpzL2Gjt6HXjc8s"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0e9dd81283-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 01:57:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DEC6 9 KB
1 KB 260ms
82ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 00:03:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 00:03:58 GMT

GET
H2 200 genericons.css
bolo.treksantuy.xyz/wp-content/themes/frontier/includes/genericons/ Frame DEC6 28 KB
16 KB 84ms
70ms Stylesheet
text/css 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/themes/frontier/includes/genericons/genericons.css?ver=1.3.3
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 13 Jul 2023 07:26:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 230594
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejYS%2BDGwyqlUSJ6XYqUHXl4iUe%2BAqMvZ5lVLJL17Z%2BRRS%2Fys08FK5HKqUmszbbnn15Uhs8qrX6g3FWRkZOfN%2BrdObJWv6vYqOAa6fF0qIxg%2Bxwd5EYfAmcOCeHTei%2FbHCHUAyYc3t49HO%2BIONyXdTZUe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0e9ddc1283-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 08:00:42 GMT

GET
H2 200 style.css
bolo.treksantuy.xyz/wp-content/themes/frontier/ Frame DEC6 22 KB
6 KB 85ms
72ms Stylesheet
text/css 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/themes/frontier/style.css?ver=1.3.3
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7261ac909063abccd2f148d068599ffff4a1b14efaef9d4d6811346195f5fe9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 17 Dec 2023 14:16:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 79576
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jv2fZuUGMSxiQ0StyeLet41XYkxZB%2FF4jg80ut%2F7WHpeRmku01bi5vr6byOjat6Jahe3v0SUdfGnBBC9LCqEL4xDBAC3ZvgBuqLbCGTRF3D%2F%2F8T9YsnOzL%2FgXIgd7ytUBu2TynM2AR4sAs5jfPzc%2BIAe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0e9ddf1283-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 01:57:40 GMT

GET
H2 200 jquery.min.js Show response
bolo.treksantuy.xyz/wp-includes/js/jquery/ Frame DEC6 86 KB
31 KB 89ms
76ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 23:50:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 230594
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZIlzvS1RtwtjlJf5o4m%2FBQBuc7bbc4eZHrHeCRmhgL0wVdpAoE5s5WdeCWFHl23c1lz%2F6Dvp9vO3b9eJDqwzmWcBbb7ro1%2BUgUFuwvyq23W9rnjQXhwrI5ysjNGIkHwoE5jAtmU8HmS1p0pGpmUH9Rg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0e9de21283-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 08:00:42 GMT

GET
H2 200 jquery-migrate.min.js Show response
bolo.treksantuy.xyz/wp-includes/js/jquery/ Frame DEC6 13 KB
5 KB 115ms
103ms Script
application/javascript 2606:4700:3031::ac43:b058
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b058 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 10:08:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 79576
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmIUhdEZ2vbCBlPw14GAgTiGaPKXH%2FY%2B3aHfYZ%2F5W5TWgl%2Fu4LOqjUtnKbwcD%2Bicq0pc0uaDrD8YSgkma30BM1dZRD2edS8AZNr6UT9cVdAswID10aumbRBfX7nTbpUjlQlH8oXFHeIn8lO8vHWIYPj7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0e9de41283-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 01:57:40 GMT

GET
H2 200 style.min.css
king.laskar2d.xyz/wp-includes/css/dist/block-library/ Frame CDDB 107 KB
15 KB 71ms
46ms Stylesheet
text/css 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 73060
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BA2KSTqZwOTK8YP9iFp3ZRhJCDA6Y4%2F55IM%2B77xi6%2BBO8yys0%2FpSMhOceOEG%2BcVQxYVGICP2XWlAgQfj%2BK69YEpy%2FkpylcpgnSImTSM6NAQbAt40FYapB%2BVaUqDIlp7kORoys8aWSFlJLDCpuwtNkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0f081cda73-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 03:46:16 GMT

GET
H2 200 sidebar-login.css
king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/ Frame CDDB 2 KB
743 B 62ms
39ms Stylesheet
text/css 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1688220023
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159735
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EX6XwIdLGBKBXm%2BNZ9aO8G%2BNtltA4tcJSqY1EvdodDLATGGemXOSCVEeRQmWk8RYfk7wdZaUV9Sr%2B%2FIZAtMzqE8ztGEQqlmbKHrPbQ%2FOvVj6z7QNsKpYJ%2BE4QQWP4IKtS5K7xz3WaOpImkVpdEeqKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0f081fda73-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 26 Jan 2024 03:41:41 GMT

GET
H2 200 style.css
king.laskar2d.xyz/wp-content/themes/asteroid/ Frame CDDB 28 KB
8 KB 61ms
41ms Stylesheet
text/css 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Aug 2023 13:42:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159735
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5MOjBdvBlzCbqTI4hubaEZOmxl638kR3j2T%2FNl%2FAhuQoDttnHNZczoXFWat76OHxM3TA8ojL0g4AM3ktPhYuWjOtrBLgt2p0br39PzQrPKs6hTWFA755w1bJED6tKpTdOI8eytu%2F5ah8M0%2FsIhhNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0f0821da73-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 26 Jan 2024 03:41:41 GMT

GET
H2 200 jquery.min.js Show response
king.laskar2d.xyz/wp-includes/js/jquery/ Frame CDDB 86 KB
31 KB 64ms
45ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:21:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 73060
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fx0BzAJLbRAMLhcNwnfL2REo6piSqRb1KEbQpL6kQLom2ynBEk5lI509%2BZHm0ZMcDcr2CP412p8SI8rrxA3YNL%2BX3xemjP6LnOVUETN0ec2HxbbOhhX7GV9IBMFZD8viO%2BzfhvUuJ5feMMqqhJ8Qcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0f0822da73-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 03:46:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
king.laskar2d.xyz/wp-includes/js/jquery/ Frame CDDB 13 KB
5 KB 58ms
42ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Aug 2023 21:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 159735
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqWvzhzHM0YEHFNVv%2FTEJBw0SUNBCJUSFjx87074ZaNzfsceglVfn%2FqstVCGTwWKSFTRKM2Kb4OC7EbFmAVi1HMM6STDOSTb5Itm0rMvn6wtUnvrAREXQpNVs4%2F48oKwdvlqSpmT6AzSkFDsKec6Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c0f0824da73-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 26 Jan 2024 03:41:41 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 5 MB
5 MB 63ms
58ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H3

200

/
bolo.treksantuy.xyz/ Frame CDDB
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

1051ms
1049ms

Image
text/html

2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sun, 21 Jan 2024 00:03:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5qUSiFIj2OanChbS5yIVomOqnIgvm%2F39yaO0O6q2O22PiLiPLhHBdr3qUOO%2BNZrIbPJJh6aq7jun2FfydGlMKk8N9LxPA0nPdiv1PoASZ3bFCsl3s%2Bo8faD4i5y74bme1GaQ%2FBmOSfTaLnHJjRCEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 848b4c0f0eb91283-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Jan 2024 01:03:57 GMT

GET
H3 200 unnamed-1.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 205 KB
205 KB 88ms
71ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-1.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bfcef82755bac56e01032d196dc587e851fcfb9a2a1882c7e283b9ea451a17a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:46:35 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 210028
expires: Sun, 04 Feb 2024 18:20:03 GMT

GET
H3 200 unnamed-3.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 224 KB
225 KB 100ms
83ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-3.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e78ac302ebdef9842d5c628cef762ed1ad4b9650dd4915810cbf3cdaa86010c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:48:07 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 229818
expires: Sun, 28 Jan 2024 13:01:09 GMT

GET
H3 200 unnamed-22.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 292 KB
292 KB 103ms
86ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-22.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d30f436b9752f07747f2b72cc77985554918de4f9b5e74c65271c89e3b1501b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:19:02 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 298675
expires: Thu, 22 Feb 2024 11:37:59 GMT

GET
H3 200 unnamed-5.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 362 KB
362 KB 118ms
102ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-5.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

87d3abed87820941c3f8f4d8cc01563a8ef74d7886c948b9b0da3e3929bfce92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:51:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 370255
expires: Mon, 29 Jan 2024 17:58:49 GMT

GET
H3 200 unnamed-6.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 507 KB
507 KB 105ms
89ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-6.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ac6002b55a7bc33de07da0fc1391dbd8b61598823a7768591aed4b0e4a5e421a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:53:48 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 519311
expires: Thu, 01 Feb 2024 13:36:16 GMT

GET
H3 200 unnamed-7.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 528 KB
529 KB 107ms
90ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-7.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

06710711e7517c22412aa923d472e9cce857b02605e4c0049cdc7edb666a132c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:55:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 541175
expires: Thu, 01 Feb 2024 12:45:20 GMT

GET
H3 200 unnamed-8.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 355 KB
356 KB 118ms
101ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-8.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ee5599420176d6c73cb80505f7d287e527d903336f0cfb2348ace130fb7d6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:57:28 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 363774
expires: Fri, 02 Feb 2024 21:18:28 GMT

GET
H3 200 unnamed-28.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 328 KB
328 KB 136ms
118ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-28.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8ac1e08581c5691d74fb1a69b925f400e14db93ddc9451db0b72456e4af3a2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:13 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335785
expires: Mon, 12 Feb 2024 15:00:38 GMT

GET
H3 200 unnamed-27.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 289 KB
289 KB 138ms
121ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-27.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cdf948f65cf951821da557dc5b8cc9067c64589070285feab8aa6f7c64657e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:18:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 295549
expires: Tue, 30 Jan 2024 10:59:57 GMT

GET
H3 200 unnamed-26.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 262 KB
263 KB 148ms
131ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-26.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbd4ea5e26cff619ebe31130ce16126cdcaff265a697139b20c80a960954832f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:17:49 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 268554
expires: Sat, 27 Jan 2024 19:14:15 GMT

GET
H3 200 unnamed-24.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 228 KB
228 KB 151ms
134ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-24.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e22819d3433cfdb5d3f848fee01b7cccc863970901de5efa3e80a7eadbd48c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 232980
expires: Wed, 21 Feb 2024 11:31:06 GMT

GET
H3 200 unnamed-25.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 693 KB
693 KB 157ms
140ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-25.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e31a5516051e3dcd6be48ada99dbf2d270db37dd3a304fded21e105f6c733bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 709526
expires: Sat, 27 Jan 2024 08:23:41 GMT

GET
H3 200 unnamed-29.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 193 KB
193 KB 170ms
153ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-29.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2388f1b8ef95668322254f1ae8523c148beceddccd6e239bd683281835e1180b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 197657
expires: Sun, 11 Feb 2024 20:03:03 GMT

GET
H3 200 unnamed.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 250 KB
250 KB 173ms
156ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5ce581a1bb3ae65bd553d034f9d5973dd8af7f856d2bd5efa095ed41cee7f949

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:44:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 256150
expires: Wed, 07 Feb 2024 10:36:03 GMT

GET
H3 200 unnamed-10.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 270 KB
270 KB 171ms
155ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-10.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:31:01 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 276544
expires: Sat, 03 Feb 2024 11:11:36 GMT

GET
H3 200 unnamed-11.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 247 KB
247 KB 174ms
158ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-11.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:32:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 252743
expires: Sun, 11 Feb 2024 14:05:02 GMT

GET
H3 200 unnamed-12.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 282 KB
283 KB 170ms
160ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-12.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:33:50 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 289127
expires: Fri, 16 Feb 2024 22:13:10 GMT

GET
H3 200 unnamed-13.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 514 KB
514 KB 181ms
171ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-13.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:34:55 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 526000
expires: Sun, 11 Feb 2024 01:50:47 GMT

GET
H3 200 unnamed-14.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 291 KB
291 KB 183ms
174ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-14.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:35:54 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 297540
expires: Tue, 06 Feb 2024 19:30:34 GMT

GET
H3 200 unnamed-9.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 194 KB
194 KB 198ms
189ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-9.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:27:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 198395
expires: Mon, 12 Feb 2024 22:33:45 GMT

GET
H3 200 unnamed-15.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 388 KB
388 KB 206ms
196ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-15.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:37:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 396918
expires: Tue, 06 Feb 2024 18:52:34 GMT

GET
H3 200 unnamed-16.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 326 KB
326 KB 206ms
199ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-16.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:39:46 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 333383
expires: Sat, 03 Feb 2024 01:45:14 GMT

GET
H3 200 unnamed-17.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 312 KB
312 KB 214ms
207ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-17.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:41:12 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 319266
expires: Wed, 07 Feb 2024 01:41:58 GMT

GET
H3 200 unnamed-18.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 188 KB
188 KB 215ms
208ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-18.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:42:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192555
expires: Wed, 24 Jan 2024 21:46:19 GMT

GET
H3 200 unnamed-19.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 280 KB
281 KB 216ms
210ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-19.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:43:23 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 286968
expires: Sat, 03 Feb 2024 06:43:58 GMT

GET
H3 200 unnamed-20.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 351 KB
352 KB 632ms
625ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-20.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:44:24 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 359746
expires: Wed, 14 Feb 2024 04:16:09 GMT

GET
H3 200 unnamed-21.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame CDDB 265 KB
265 KB 218ms
211ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-21.gif

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:45:42 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 271048
expires: Wed, 21 Feb 2024 00:38:41 GMT

GET
H/1.1 200
OK 4794504.gif
s4is.histats.com/stats/i/ Frame CDDB 835 B
974 B 209ms
68ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4794504.gif?4794504&103
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: ed9521a670946301c25c7a90c7aa632344d496a696f1b788f4e465354ac1c86f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:58 GMT
Connection: close
ETag: 1719873258
Content-Length: 835
Content-Type: image/png

GET
BLOB 200
OK 7d7d8723-80e4-4a3c-a910-e6e2c6e4d85b
https://bolo.treksantuy.xyz/ Frame DEC6 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bolo.treksantuy.xyz/7d7d8723-80e4-4a3c-a910-e6e2c6e4d85b
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
BLOB 200
OK 096d3c28-f9f2-43c2-b66f-0081f64cf429
https://king.laskar2d.xyz/ Frame CDDB 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://king.laskar2d.xyz/096d3c28-f9f2-43c2-b66f-0081f64cf429
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 v2 Show response
de.tynt.com/deb/ 1 KB
2 KB 86ms
72ms Script
application/javascript 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: 47a9cd3b880a1d83a59a9df77f8676c1ff4999f2cf4aa76914a7eaabd26ef83f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date: Sun, 21 Jan 2024 00:03:57 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type: application/javascript
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length: 1357
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 58 KB
18 KB 229ms
71ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:06:03 GMT
content-encoding: gzip
via: 1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 68276
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 9U0MUukTfaYPKflbNEjuwzzEFtwZCTMXbECJAjLi1-M6esYQvWV3Vw==

GET
H2 200 / Show response
t.dtscdn.com/widget/ 0
600 B 181ms
78ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
x-t: 1.95
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARSBxCh2%2FZNJvgYwxqar8x0h1EsEH8TZl82%2BAIqsTcFl9lYO725K88jdedSyWsPECvKEXZ9f3ir%2BsFQqJgRU913GKLZVox2CY7iIVGceL4YGAFFoVTK7VW3Dc09yDLox5KQSe07LEzYA%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 848b4c107ea4287a-MIA
expires: Sat, 20 Jan 2024 23:40:15 GMT

GET
H2

200

mw
mwzeom.zeotap.com/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01705795437671B15BDFA0C3AC9B3
https://spl.zeotap.com/?zdid=1332&zcluid=b426b577e76f6dfa
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1ea13d09-573d-4e12-579b-a77ce727c548&reqId=e25dc35b-cdd8-4d30-5704-9686a41cd39d&zclui...
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1ea13d09-573d-4e12-579b-a77ce727c548&reqId=e25dc35b-cdd8-4d30-5704-9686a41cd39d&zclu...
https://mwzeom.zeotap.com/mw?google_gid=CAESEELo2uUXDZ_GCbJtsTHMjI8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1ea13d09-573d-4e12-579b-a77ce727c548&reqId=e25dc35b-cdd8-4d30-5704-968...

95 B
165 B

156ms
152ms

Image
image/png

2606:4700:10::6816:3362
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?google_gid=CAESEELo2uUXDZ_GCbJtsTHMjI8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1ea13d09-573d-4e12-579b-a77ce727c548&reqId=e25dc35b-cdd8-4d30-5704-9686a41cd39d&zcluid=b426b577e76f6dfa&zdid=1332

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

Server

2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://sky.pasukanantidepo.shop
access-control-allow-credentials: true
cf-ray: 848b4c18afbf09ba-MIA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:03:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEELo2uUXDZ_GCbJtsTHMjI8&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=1ea13d09-573d-4e12-579b-a77ce727c548&reqId=e25dc35b-cdd8-4d30-5704-9686a41cd39d&zcluid=b426b577e76f6dfa&zdid=1332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

result.php Show response
wget.angkapaito.net/ Frame 6CD7
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
965 B

130ms
129ms

Document
text/html

2606:4700:3037::ac43:b044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ba7b41090aabbe09b55d93951cc7f37e685bf5d27fd3283e73d3e8fcf5bab3

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c10aaa5b3c8-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLTAcfGH2uVl5tftg44RD87Zt6OM16Cnywe2w5FX8Q%2BxCmQtO%2FbNmQ0%2BRR%2Fu2wTdSHQUvid%2FX2ahN0U4Ro8fbMfYOcQY2kNXSl4TIfLEzkRXocS9JZE1awBINezSyLM4vCnEhqAzYoa2xr4PUrnoaSiZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c1019de09b2-MIA
content-type: text/html
date: Sun, 21 Jan 2024 00:03:58 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTFYiOQ1Hppgk%2Bo717aljhsas1ti0usVoScLgGA92hSfxmM%2BMTlrsNP7tlRr%2F%2FXsnlMw%2BLyMd7yp1pf7hX7YEGVMGzgWDQbyxgCqI2twNzudKFdpEH%2FocYnfeHcWY6GtZGQvUflXP%2ByQw2J5QH4ypPmdwVM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame CDDB 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame CDDB 11 KB
5 KB 49ms
49ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39473
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c104ce7d9d5-MIA
content-length: 4547

GET
H3 200 7meter_gif-banner_prediksi_728x90.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame DEC6 120 KB
120 KB 205ms
204ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/7meter_gif-banner_prediksi_728x90.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d80f6523545dad74a52c6afbc2db2210fa1418e86cdf000233c482e199ed8b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:00:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 122788
expires: Wed, 31 Jan 2024 23:20:36 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame DEC6 5 MB
5 MB 222ms
221ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H3

200

/
bolo.treksantuy.xyz/ Frame DEC6
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

44 KB
44 KB

1113ms
1112ms

Image
text/html

2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hasa3ebjYJSgFkvNlt1K0N2jIXdRCv2e49FgHODI9vcgJqhwn5VAR9AAHUj8KEFuTwcGCEz9F78MZ%2Frgicti5iaNVwgY7vdyXkacGZJCDVpKYG29ZO7Gt7JUPB9b1%2BRk88fJjm9970vwqSTlLpEo3NIV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1138ee0a06-MIA
link: <https://bolo.treksantuy.xyz/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 21 Jan 2024 00:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eo9QtrRPDhgiqPTalJTEHnTFVrKOhF6lgook5j48CaW55bwDpiftM05kOB3lmApYWhpAy1n0Os3TFnaJOvaK7YeTNo4e2GXm26TB%2FHmErXV2u2p62rfb%2BW%2FyrtgP5TNGIzBxu58Q2mDxXi0TbnFnDw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 848b4c10edd521c7-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Jan 2024 01:03:58 GMT

GET
H3 200 microtogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame DEC6 2 MB
2 MB 224ms
218ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/microtogel88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3e6701810a770c2cdb7710c43056f6c2422cf8c30653dd1ab209bcff5a4548e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2505021
expires: Mon, 12 Feb 2024 04:46:55 GMT

GET
H3 200 indoboss6d728x90.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame DEC6 2 MB
2 MB 241ms
236ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indoboss6d728x90.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

776bf55e5c196430c0d9bb394fdc8a37ea7a55b6e3044ae8c0815d4a3bcc542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2431527
expires: Fri, 09 Feb 2024 02:21:29 GMT

GET
H3 200 wlatogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame DEC6 2 MB
2 MB 250ms
246ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/wlatogel88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

574c654adc51059882c66279ee0d42eb585735d5a2bc8cb010f1e91eb04e483f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1592720
expires: Tue, 27 Feb 2024 02:39:36 GMT

GET
H3 200 kaisartoto88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame DEC6 1 MB
1 MB 259ms
254ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/kaisartoto88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

217bcf44778fff8fe41a593c79e0c86edd524460f7618f12e132566d17fd5b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:51 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1415984
expires: Thu, 15 Feb 2024 03:37:55 GMT

GET
H3 200 indolottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame DEC6 1 MB
1 MB 261ms
256ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indolottery88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a67688ddcf966aaf218b1f154d3830ad065e23ef063d71b4f96436ab9a717a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1417070
expires: Tue, 27 Feb 2024 00:44:14 GMT

GET
H3 200 dunialottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame DEC6 997 KB
998 KB 263ms
258ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/dunialottery88-728x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fa7337e4bc30dd3db3861c272a32f98911b0bbf1a60557e0f124ba2713f35fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:57 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1021153
expires: Fri, 23 Feb 2024 22:10:23 GMT

GET
H3 200 hknalo-729x90-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame DEC6 105 KB
106 KB 776ms
771ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/hknalo-729x90-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 12:50:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 107905
expires: Sat, 17 Feb 2024 16:16:44 GMT

GET
H3 200 new-bandarnalo.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame DEC6 100 KB
101 KB 794ms
789ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/new-bandarnalo.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fffe2bbb1e6c64b3540176029b620af1fcbbc30861c94299b895760b80cd7357

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:37:19 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 102622
expires: Mon, 05 Feb 2024 20:52:18 GMT

GET
H3 200 paitowarna.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame DEC6 156 KB
156 KB 271ms
267ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/paitowarna.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a68e4e1e0faf5cec1082b25b95f4d820985fda95177b826e7c16a70f5afae19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:35:44 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 159643
expires: Sun, 21 Jan 2024 06:39:22 GMT

GET
H3 200 729x90-animated-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame DEC6 327 KB
327 KB 279ms
275ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90-animated-1.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e3778a72114f13a5b18b9d25df758bfbf0d55bf442ba5c9007b96593d959b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Oct 2023 12:16:32 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335048
expires: Sat, 17 Feb 2024 06:28:12 GMT

GET
H3 200 729x90_agennalo.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame DEC6 327 KB
327 KB 285ms
281ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90_agennalo.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f017d1630a163790465f348b29d4721facb1d4353e695dd730b869e28e4bcd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 19:28:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 334612
expires: Sun, 18 Feb 2024 07:31:59 GMT

GET
H/1.1 200
OK 4789234.gif
s4is.histats.com/stats/i/ Frame DEC6 854 B
994 B 217ms
69ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4789234.gif?4789234&103
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 2dc8491b13b441cd320da82308ef30093ff25f10727460114c7e841d067504a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:58 GMT
Connection: close
ETag: -1541429212
Content-Length: 854
Content-Type: image/png

GET
H3 200 ibetwin_gif_400x400.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame DEC6 1 MB
1 MB 292ms
289ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/ibetwin_gif_400x400.gif

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

730412109bc24c266a27e4c2248182c8952c1ec999199851413a1779cd7d0ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:13:14 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1280443
expires: Mon, 22 Jan 2024 19:33:42 GMT

GET
H3 200 jquery.modal.css
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/ Frame DEC6 823 B
818 B 619ms
614ms Stylesheet
text/css 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kw%2F2VNkyvzMaduuBmiWk%2BoEfGoWg%2BgxPyvfEfowsja%2BgPzMXVAyp8em%2F3bZD99IiFpaCmkKEO1GDfsB9ZaUtalYKVGDPjZNpbIfhqp1i28XYfOh%2B0qkL5aGazx%2FVkeWsu1E24uqgygsv9FwCpD1kEHXn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c10f8b10a06-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:58 GMT

GET
H3 200 popups.css
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/css/ Frame DEC6 2 KB
1 KB 627ms
622ms Stylesheet
text/css 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFArwRBJirvmEZwto6ZP9E6PDe3lyfaL5ml6qPxc35DPA675xTBfwYthIKgCEL6CVUmH2SaCGL2CyKXPLW8mfdEnLQxZhb0%2FA%2BSfrT3B8g1jdU8rl95owdx1xMBuge7IVWwsig2VTt6ShCM1EmXjnD2A"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c10f8b30a06-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:58 GMT

GET
H3 200 email-decode.min.js Show response
bolo.treksantuy.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame DEC6 1 KB
1 KB 48ms
43ms Script
application/javascript 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bolo.treksantuy.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 17:29:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65983c8b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raN1cJrp90Qep6b4nhRvP0E6nyDw0BgueCMrxPIcrYuBg9B4Ruswecg4Hwf%2B6rJv1rkZHoNSub14HcUbwEr2wQFTXWoRX5h8vqQFKubDfvu8zWGdnNP%2BV684cVEpGFdU5bzK%2BVItUkJDjmDoz1A9mRv%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 848b4c10f8b40a06-MIA
expires: Tue, 23 Jan 2024 00:03:58 GMT

GET
H3 200 jquery.modal.min.js Show response
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/ Frame DEC6 4 KB
2 KB 628ms
623ms Script
application/javascript 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eM8JTVtr%2BHMdLxhlbgDMYovDmQGUp2yejq5dsBHxsNWlfDVFyOKX6f0rfcoPLLxaVoEScZ6F3yNsEvBNV6zMrki5X5sNNUY3sDlpdBPrtw%2F21HWuJKP%2Fo44%2FFw4oKJsJfNUueFCFod4fPwCbh4bP9WAy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c10f8b60a06-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:58 GMT

GET
H3 200 popups.js Show response
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/js/ Frame DEC6 2 KB
1 KB 627ms
622ms Script
application/javascript 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr1WwqDAfftvYX%2BxZqvVBUR7qIGe0ecD7%2BHajMwhnlp%2FZW7iKd5ZR8YtiNUKCB8%2BrkCUtAFIU6FU05iapm5ZVu1qO2jRVKvKdrCl%2FUMcanD%2F9A7D%2Fz%2BVdgFsquBXdmO%2Fg%2FNZ%2BKLzuHCg%2F8J%2FqnlM8kHw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c10f8b80a06-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:58 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ 5 KB
2 KB 245ms
65ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2433
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: F-VUVTxNNQBjBMAoK8DGTfscJTDe9ig0WB_hSIlZKt0XRwFGI-dgBA==

GET
H3 200 email-decode.min.js Show response
king.laskar2d.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame CDDB 1 KB
1 KB 37ms
36ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://king.laskar2d.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 17:29:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65983c8b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrsfK2EKw362Y80oy7LwBwtRcLOH0MV%2F4tFaek5rsBnzYNAQ1hjj0zjqzpZnUPMHbhtX5i87txgZVAB4nglpuItrV2QWonyx4EtG1fS4sdZUOpPfhUtjWCG%2FZEIfwtQ%2BIfzeQ%2FuxQug4FbDNZXOUrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 848b4c107be9747e-MIA
expires: Tue, 23 Jan 2024 00:03:58 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
king.laskar2d.xyz/wp-includes/js/dist/vendor/ Frame CDDB 8 KB
3 KB 52ms
46ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 23:16:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 30666
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aa2bqDQhdU%2FelYSjqyMwgL0fIifL%2F%2B8JY43ysg2aHcok3DRdT6M%2ByB7f1aN6%2FQDFoRbVPcodIRUv4AkoLskdTr4jdOUEZkHNd3iYmjTmXXnjS481BzH7a5VGQKlZ%2FGCIk8u5jmRYL9O4Po90PnqvUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c108bff747e-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 15:32:51 GMT

GET
H3 200 regenerator-runtime.min.js Show response
king.laskar2d.xyz/wp-includes/js/dist/vendor/ Frame CDDB 6 KB
3 KB 54ms
48ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 30666
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRJztaWEOcjCSX0f6CLhtmmwb4ydZ4xIj7j5UZ2PIl%2Ba5LHsbhfVGjIUBd23Y53GEpHLqN42dtSV10%2Ft%2Fi9VHUKq%2BHWFxwOBInRzpnreUGj%2FOZQ88EqMrBvJPod33jf2A6WGLVl%2FdchtByaXrJ2JxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c108c00747e-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 15:32:51 GMT

GET
H3 200 wp-polyfill.min.js Show response
king.laskar2d.xyz/wp-includes/js/dist/vendor/ Frame CDDB 112 KB
36 KB 59ms
54ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:21:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 134060
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqXifpvfzhi69emueMcDojEhFh9NLH0Tw6Bp0Suq0aR1N8VzztE4SZHE7Pk6SA%2BRpA5UblZV6AvoL4b1nQF%2FB%2FKeJedXSKZ5SvMIzDT1qxOEWXujJPfUbxdCCwy63v6NmLbiaBq%2BVCkuK%2F7bVtaowg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c108c04747e-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 26 Jan 2024 10:49:37 GMT

GET
H3 200 frontend.js Show response
king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/ Frame CDDB 4 KB
2 KB 50ms
49ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 30666
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OW2OmINkrPP3BadZrcGkOHQE9oAIzXvIYFuX3DbX264FkeGD2ZEdjcT6h36EQ7tCl9pjhRxcy%2Fl2Z%2F2X88WsoPsLpHP9sFDCJYWNP5M95QHqdSWnrcrm1S7y0oMs9GYiO6buNzDe9zYQ7kVPrgSZLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c108c05747e-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 15:32:51 GMT

GET
H2

200

27519 Show response
tags.bluekai.com/site/ Frame A151
Redirect Chain

https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1705795438046.6
https://tags.bluekai.com/site/27519?id=212429212096049&ret=html&random=1705795438

71 B
546 B

623ms
447ms

Document
text/html

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/27519?id=212429212096049&ret=html&random=1705795438
Requested by: Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

bk-server: 50f
content-length: 71
content-type: text/html
date: Sun, 21 Jan 2024 00:03:59 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
date: Sun, 21 Jan 2024 00:03:57 GMT
expires: Thu, 01-Jan-70 00:00:01 GMT
location: https://tags.bluekai.com/site/27519?id=212429212096049&ret=html&random=1705795438
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma: no-cache
referrer-policy: unsafe-url
server: 33XP002
x-33x-status: 400000000040080C

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=&us_privacy=&random=1705795438046.1
https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=&us_privacy=&random=1705795438046.1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&bid=1e2n4ou

70 B
440 B

71ms
68ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&bid=1e2n4ou
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 21 Jan 2024 00:03:58 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&bid=1e2n4ou
date: Sun, 21 Jan 2024 00:03:58 GMT
server: Kestrel
content-length: 191

GET
H2

200

db_sync
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&_rand=1705795438046.2
https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&_rand=1705795438046.2&expected_cookie=aa96b5c7-04c0-42e0-a9e5-b6a11f0edf61

0
142 B

111ms
105ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&_rand=1705795438046.2&expected_cookie=aa96b5c7-04c0-42e0-a9e5-b6a11f0edf61
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6EEC43D325B246D8957E7586FFB677A4 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:03:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXMrzOOHL2kIc6mbvg==

Redirect headers

date: Sun, 21 Jan 2024 00:03:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D0CDA4A1D0854497A87C8CDC5F733390 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:03:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: /db_sync?pid=15927&puuid=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&_rand=1705795438046.2&expected_cookie=aa96b5c7-04c0-42e0-a9e5-b6a11f0edf61
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXMpaP4IbiYREAw/Jw==

GET
H2

204

fa46c0a5-b18e-4497-af0b-ad4dc5823d79
map.go.affec.tv/map/ttd/
Redirect Chain

https://map.go.affec.tv/map/3a/?pid=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&ts=1705795438046.3
https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D65ac5f6e866d6f0001848481%26chc%3Dtt%26redirect_url%3D%26gdpr%3D%26gdpr_consent%3D&gdpr=&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmap.go.affec.tv%252Fmap%252Fan%252F%2524UID%253Fch%253D65ac5f6e866d6f0001848481%2526chc%253Dtt%2526redirect_url%253D%2526gdpr%253D%25...
https://map.go.affec.tv/map/an/2907085194688289057?ch=65ac5f6e866d6f0001848481&chc=tt&redirect_url=&gdpr=&gdpr_consent=&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=mssm115&ttd_tpi=1&gdpr=&gdpr_consent=
https://map.go.affec.tv/map/ttd/fa46c0a5-b18e-4497-af0b-ad4dc5823d79?ttd_puid=&gdpr=0&gdpr_consent=

0
563 B

64ms
63ms

Image
text/plain

54.92.184.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://map.go.affec.tv/map/ttd/fa46c0a5-b18e-4497-af0b-ad4dc5823d79?ttd_puid=&gdpr=0&gdpr_consent=
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 54.92.184.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-184-169.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
content-encoding: gzip
vary: Accept-Encoding

Redirect headers

location: https://map.go.affec.tv/map/ttd/fa46c0a5-b18e-4497-af0b-ad4dc5823d79?ttd_puid=&gdpr=0&gdpr_consent=
date: Sun, 21 Jan 2024 00:03:58 GMT
server: Kestrel
content-length: 229

GET
H2

204

usermatch.gif
beacon.krxd.net/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&random=1705795438046.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&random=1705795438046.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3f0e3619-356c-4f14-80e4-391e99eb1d58%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3f0e3619-356c-4f14-80e4-391e99eb1d58%252Chttps%25253A%25252F%25252Fusermatch.krxd.net%25252Fum%25252Fv2%25253Fpartner%252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&ttd_puid=3f0e3619-356c-4f14-80e4-391e99eb1d58%2Chttps%253A%252F%252Fusermatch.krxd.n...
https://usermatch.krxd.net/um/v2?partner=tapad
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad

0
338 B

193ms
59ms

Image
text/plain

3.222.158.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 3.222.158.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-158-117.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-served-by: beacon-n018-ash-prod.krxd.net
date: Sun, 21 Jan 2024 00:03:59 GMT
cache-control: private, no-cache, no-store
x-request-time: D=51 t=1705795439
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date: Sun, 21 Jan 2024 00:03:59 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a004-ash-prod.krxd.net

GET
H2

200

405716.gif
idsync.rlcdn.com/
Redirect Chain

https://dp2.33across.com/ps/?pid=1205&rand=1705795438046.5
https://idsync.rlcdn.com/405716.gif?partner_uid=212429230910412

42 B
440 B

291ms
75ms

Image
image/gif

35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/405716.gif?partner_uid=212429230910412
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:03:57 GMT
referrer-policy: unsafe-url
server: 33XP004
x-33x-status: 4000000000004000C
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location: https://idsync.rlcdn.com/405716.gif?partner_uid=212429230910412
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 01-Jan-70 00:00:01 GMT

GET
H2 204 /
dp1.33across.com/ps/ 0
69 B 234ms
68ms Image
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dp1.33across.com/ps/?pid=669&uid=CoIKR2WsX20CDhmSI60PAg%3D%3D&us_privacy=&random=1705795438046.7&pu=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP020 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-33x-status: 208
date: Sun, 21 Jan 2024 00:03:57 GMT
server: 33XP020

GET
H2 200 / Show response
markas-prediktor.info/ Frame 12FE 114 KB
26 KB 1566ms
610ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

a056bcd83401b939f90b0b0511849c062c36d5e9b36ae20438b397d5fb33ec0b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:03:59 GMT
link: <https://markas-prediktor.info/wp-json/>; rel="https://api.w.org/" <https://markas-prediktor.info/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://markas-prediktor.info/>; rel=shortlink
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H2

403

ZdO9uN
momen.tm/ Frame DEC6
Redirect Chain

https://treksantuy.asia/wp-content/themes/frontier/images/honeycomb.png
https://momen.tm/ZdO9uN

0
0

707ms
61ms

Image
text/html

52.21.33.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://momen.tm/ZdO9uN
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Server: 52.21.33.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: us-ip-1.short.io
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sun, 21 Jan 2024 00:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeWGBNm6%2F8LueifCd2KPCic6I0nMCdBgqiGdqwwQs%2FvGvd3jmaO3jQK%2FiT3aGPE7LqZRElVrQKiapgVBhBHZ8yqOkE3Dqhy3%2BeH6fHC8YLmvhqoDWkC6Gsu4oPoZj7NqmUkgOpsEXaep8Ps%2F0ko%3D"}],"group":"cf-nel","max_age":604800}
location: https://momen.tm/ZdO9uN
cache-control: max-age=3600
cf-ray: 848b4c11d9b7747b-MIA
expires: Sun, 21 Jan 2024 01:03:58 GMT

GET
H3

200

result.php Show response
wget.angkapaito.net/ Frame 00EF
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
930 B

85ms
84ms

Document
text/html

2606:4700:3037::ac43:b044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ba7b41090aabbe09b55d93951cc7f37e685bf5d27fd3283e73d3e8fcf5bab3

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c121d02b3c8-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:03:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4dljTOJn8QyUsIKHCLoSFHUCwRCawxOJUphQLFSscafxumcJmiA9iZ%2BePGjcWlcOBesbH%2FV0FWDyg81hNpuHLGj6zfMMs1txoR8%2ByVCH6VosPmA0i4pgyyQdTJtnW97%2BjXRJYV0FF6fOcJy%2FXF9FtZc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c114bb3b3c8-MIA
content-type: text/html
date: Sun, 21 Jan 2024 00:03:58 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euFdxgc5h4tXNh2oTbU1ekiubm%2FNulu6M9s6Ishk%2BDo3dXpHnqXjYV70SX3aPVzgMNNcjx9nu1aWVUP1xr6FNnZWOF41CWYYbLjgpD41MCDg77BULY4S5aOjP5zDFRPWmMvKKuTUJv1Vmv0TER75UxwLCI4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame DEC6 11 KB
4 KB 62ms
50ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39473
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c114f0fd9d5-MIA
content-length: 4547

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame BBDB 2 KB
1 KB 67ms
65ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.8959670569364908&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:03:58 GMT
Expires: Sun, 28 Jan 2024 00:03:58 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame DEC6 50 KB
51 KB 231ms
57ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%2C700%7CArimo%3A400%2C700&ver=6.4.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bolo.treksantuy.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:14:00 GMT
x-content-type-options: nosniff
age: 125398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:14:00 GMT

GET
H/1.1 200
OK 4794504.php Show response
s4.histats.com/stats/ Frame CDDB 434 B
569 B 239ms
70ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4794504.php?4794504&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLASKAR2D%20%E2%80%93%20PREDIKSI%20ANGKA%20TOP%20LASKAR2D%20HARI%20INI&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:182488353&@b3:1705795438&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fking.laskar2d.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 70fb5e467e6e9b11cdb5b9963383e8baed587e0d142f8fffe27e2276b2028a13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:58 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
rtx.dudasoleh.lol/ Frame A954 54 KB
13 KB 1287ms
1171ms Document
text/html 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44e191b3623a90ff15061113e532626f71d71b2833293015d777393da86a630c

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c145e31da77-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:03:59 GMT
link: <https://rtx.dudasoleh.lol/wp-json/>; rel="https://api.w.org/" <https://rtx.dudasoleh.lol/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://rtx.dudasoleh.lol/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yipFoMzKKW7B2YvaNiHoYSyzMEtW1TdTwJyjgFIfXKVvKSpjxUb3SfgubNmYY%2FPFmnbSKhpxVxraC9x95wbZEDUGoG9g%2F4YtXVBSzoiVcF6HWglB%2FeoV%2F9lcvPoD6xWnx9DaSqKbA%2FCKWK1elgglCA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H3 200 wp-emoji-release.min.js Show response
king.laskar2d.xyz/wp-includes/js/ Frame CDDB 18 KB
5 KB 604ms
602ms Script
application/javascript 2606:4700:3033::6815:51c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://king.laskar2d.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:51c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Feb 2023 12:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3p2EI2XPN%2BZp8R8zMPuMlVSY3BaUr9e6DojfuG3EY40ZXTq5mzPc1bk3ADestttnryZeyols1E50lMqjiTWMGaW1Ov%2BbsIIUjsg%2FfU9n34gtDPl%2BLFAxQP8DVysU%2B4kmbJ%2F5ohhbfYtUUOLof8L2gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c128f42747e-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:58 GMT

GET
H/1.1 200
OK 4789234.php Show response
s4.histats.com/stats/ Frame DEC6 436 B
571 B 235ms
72ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4789234.php?4789234&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mTREK%20SANTUY%20%E2%80%93%20ANTO%20BOOMER&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s432&@ten-US&@u1600&@b1:-98579741&@b3:1705795439&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 7483ffa917a42f3480fe85cfc28ed788040634e5621a93354600ff233228fdfa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:58 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame 9628 19 KB
9 KB 82ms
81ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:58 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:03:58 GMT

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
472 B

86ms
84ms

Fetch
application/json

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 75bee475e0eb4e9aa841f244bca9cabcf4652cc75ffed66e332173e2d636d379

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://sky.pasukanantidepo.shop
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Sun, 21 Jan 2024 00:03:58 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://sky.pasukanantidepo.shop
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame 8D12 438 B
675 B 70ms
70ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c51a8d2c1b69e2c7a62b12ad85ba1b4a6e8dcae7df14e4a917937f47762752d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:58 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 9628
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&gdpr=0&gdpr_consent=

42 B
297 B

299ms
66ms

Image
image/gif

18.116.4.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&gdpr=0&gdpr_consent=

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Server

18.116.4.103 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-116-4-103.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGgABWWsX20AAAAIA2FBAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/ttd?uid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&gdpr=0&gdpr_consent=
date: Sun, 21 Jan 2024 00:03:58 GMT
server: Kestrel
content-length: 215

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 9628
Redirect Chain

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&gdpr=0&gdpr_consent=
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdnQUJXV3NYMjBBQUFBSUEyRkJBdz09EAAaDQjuvrGtBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=3784b4914c6554c3bae6837166da419c7ae738d0c7182ea68646479d7781c39d791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3784b4914c6554c3bae6837166da419c7ae738d0c7182ea68646479d7781c39d791426b5417dce21&rand=09278724

0
140 B

81ms
80ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3784b4914c6554c3bae6837166da419c7ae738d0c7182ea68646479d7781c39d791426b5417dce21&rand=09278724
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 07D00E92986E41DA877F58F59F9E3726 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:03:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXM10i//lVp8ara10w==

Redirect headers

date: Sun, 21 Jan 2024 00:03:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=3784b4914c6554c3bae6837166da419c7ae738d0c7182ea68646479d7781c39d791426b5417dce21&rand=09278724
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 9628
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2GjaMPnxfELS4ncOzSDTYPOAAyYu5W3S5YOWmphsmkao&gdpr=0&gdpr_consent=

42 B
297 B

316ms
79ms

Image
image/gif

18.116.4.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2GjaMPnxfELS4ncOzSDTYPOAAyYu5W3S5YOWmphsmkao&gdpr=0&gdpr_consent=

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Server

18.116.4.103 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-116-4-103.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGgABWWsX20AAAAIA2FBAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2GjaMPnxfELS4ncOzSDTYPOAAyYu5W3S5YOWmphsmkao&gdpr=0&gdpr_consent=
Date: Sun, 21 Jan 2024 00:03:58 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame 9628
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGgABWWsX20AAAAIA2FBAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3641495816933212221
https://ml314.com/csync.ashx?fp=78092f6aa0fb0e1d3129807cd66a43da5cbc2b759b5dd3e7b9acc285d2083408f4cb09cee1a4f8eb&person_id=3641495816933212221&eid=50082

43 B
115 B

82ms
81ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=78092f6aa0fb0e1d3129807cd66a43da5cbc2b759b5dd3e7b9acc285d2083408f4cb09cee1a4f8eb&person_id=3641495816933212221&eid=50082
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 00:03:59 GMT
date: Sun, 21 Jan 2024 00:03:59 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Sun, 21 Jan 2024 00:03:58 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=78092f6aa0fb0e1d3129807cd66a43da5cbc2b759b5dd3e7b9acc285d2083408f4cb09cee1a4f8eb&person_id=3641495816933212221&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 9628
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZGgABWWsX20AAAAIA2FBAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

208ms
68ms

Image
image/gif

18.116.4.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Server

18.116.4.103 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-116-4-103.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGgABWWsX20AAAAIA2FBAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Sun, 21 Jan 2024 00:03:58 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 cc_408.js Show response
s10.histats.com/counters/ Frame CDDB 16 KB
6 KB 45ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_408.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 39371
etag: "1826777941"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c143b84d9d5-MIA
content-length: 6216

GET
H2 200 / Show response
e.dtscout.com/e/ Frame CDDB 7 KB
4 KB 272ms
271ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4794504.php?4794504&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLASKAR2D%20%E2%80%93%20PREDIKSI%20ANGKA%20TOP%20LASKAR2D%20HARI%20INI&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s408&@ten-US&@u1600&@b1:182488353&@b3:1705795438&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fking.laskar2d.xyz%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8d5b8b3aba83295ca889eb14afa7e71c933440698302f648fb902048559606b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
x-t: 0.231
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtzdVUpnm4Bilp%2F0hmwJZWRrXLBmEgF%2B8Xu6%2FEvmkG1uRe4Qq5g6ik5ZpD1hwwVmNNBT6fwd96hMVIXyHn0LVis5R6Q88MSkd1QiaZgjWdSxr3Kj6XZ21H1lnXwC6SlycepaEMg84IxSno0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c1438736dc2-MIA
expires: Sun, 21 Jan 2024 00:03:57 GMT

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame 8D12 51 KB
16 KB 322ms
106ms Script
application/javascript 2.19.130.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.19.130.8 Seattle, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-130-8.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sun, 21 Jan 2024 00:03:59 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Sun, 28 Jan 2024 00:03:59 GMT

GET
H2 200 cc_432.js Show response
s10.histats.com/counters/ Frame DEC6 18 KB
7 KB 90ms
84ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_432.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60753d7fdcfbff1bc5de6cfa1b1d7c4041e32257bebaa6459843f9e6e5dbe302

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 9550
etag: "1507603602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c151d08d9d5-MIA
content-length: 7502

GET
H2 200 / Show response
e.dtscout.com/e/ Frame DEC6 7 KB
4 KB 267ms
261ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4789234.php?4789234&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mTREK%20SANTUY%20%E2%80%93%20ANTO%20BOOMER&@n0&@ohttps%3A%2F%2Fsky.pasukanantidepo.shop%2F&@q0&@r0&@s432&@ten-US&@u1600&@b1:-98579741&@b3:1705795439&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8e6b872b065edf8f89bf2e2aefc20554dd74fab1409b2f65a8c1d7401b724d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
x-t: 0.396
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K69OxxU36IxhIwfUBu4jRWSvU0bM%2FfmjULqVSehVN5tPjd%2BCax3IiR299F9BVGstcOC%2FnG9SGr1fuVjWJQvKeq2X%2BO76f7Xi6RY3DmnNT52U1cHTe6MFtli2nksWsuZxSGkfeRiYRSCyi4w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c1519576dc2-MIA
expires: Sun, 21 Jan 2024 00:03:58 GMT

GET
DATA 200
OK truncated
/ Frame CDDB 976 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 wp-emoji-release.min.js Show response
bolo.treksantuy.xyz/wp-includes/js/ Frame DEC6 18 KB
5 KB 613ms
605ms Script
application/javascript 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bolo.treksantuy.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 07:26:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6W16fQx9IU8aQCAyTxQCjGV6IOMRhiTUXF4dCjtvZ40Xl%2FnLiYaeNYmIp1mBBvgSdDPjKnr4bWC2EXN3EGLbr3xB0LnUUilQCtBUUx1%2BYSylV0o8o10O68WW5dX47ycRNbuL8sRIdga8xVOFC4qgtz0t"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c154d170a06-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:03:59 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame CDDB 58 KB
18 KB 85ms
81ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:06:03 GMT
content-encoding: gzip
via: 1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 68277
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: EvR-uL6EM6W2Rv4gcaKF0WfkPJG2sh2P0rOoLKX9cwlYXYoOd_7wXQ==

GET
H2

200

2981
tags.bluekai.com/site/ Frame CDDB
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01705795437671B15BDFA0C3AC9B3
https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=75a782b49ce23786
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=SkVqUG0yb1E5OWV2UHZoaw%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPTQLZ_NTvLRk-1f2Z2V5Eo&google_cver=1

62 B
305 B

135ms
134ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPTQLZ_NTvLRk-1f2Z2V5Eo&google_cver=1
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 21 Jan 2024 00:03:59 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:03:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPTQLZ_NTvLRk-1f2Z2V5Eo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame CDDB 0
455 B 95ms
92ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fking.laskar2d.xyz%2F&r=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
x-t: 0.96
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvgAJv4at1DQqU5bf5vZX%2F4UwtkqRRC6ikqSzUml1tgjcey%2FucaU0VJoNm%2Fi5WnV15ebIDj5naJvgutAFAxUgOkVWpPs9mD3tKcTngDeocMPYbXk7EgEBL9cPPf54%2F0HVSGRS1hNr051kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 848b4c163884287a-MIA
expires: Sun, 21 Jan 2024 00:07:29 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame CDDB 33 KB
11 KB 81ms
79ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38440
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: vOnSPHyy2qcjVoBgzQJzU3yVSk5r-qOhNQfezfuT1gLClNrBB4EG1w==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame CDDB 2 KB
3 KB 82ms
81ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame CDDB 51 B
357 B 272ms
271ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=king.laskar2d.xyz&_ss=74i7xevtjf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=1qxv&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fking.laskar2d.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fd6a46322d2786146e942182d44a1a1f2764912442c4f56b32d7a01e22d6f96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
x-t: 0.148
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6y0DPUMqAIkZ7ZKpJF3Ek%2BdfJxfwsJc10XikGcPPw0FCIRJaOj%2BasfhmIcvLQhgWo3TOgpYTV%2FuHM5xTiJwJQiCvF19cWLCEOA4%2FQopa6Q2qc0YnlYDluvjaEJlEc%2FkagBK5yZf5rtLq8Q%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c163b146dc2-MIA
expires: Sun, 21 Jan 2024 00:03:58 GMT

GET
DATA 200
OK truncated
/ Frame DEC6 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: add3315d7a7bb82510756eb8828798744b2613a242d9388a73acc0b67b9101a9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame CDDB 2 KB
2 KB 67ms
65ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.33264584707018696&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:03:59 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame CDDB 42 B
265 B 72ms
70ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&event_source=dtscout&rnd=0.33264584707018696&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame CDDB 50 B
455 B 106ms
98ms Fetch
application/json 18.173.132.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-31.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
via: 1.1 25d430acaef0ba8e2a9fff8bf278ceda.cloudfront.net (CloudFront), 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, JFK52-P2
x-amzn-requestid: b02f055e-3d1c-44c3-aea7-e09789272542
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: R3PZbGAeCYcEVgQ=
content-length: 50
x-amz-cf-id: zoZdpxPb9xzFK0BCsaoLEvb5jJOCWWVOSRn-Tlz2bN6SCNdFzSe5Vg==

GET
H3 200 close.png
bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/ Frame DEC6 4 KB
5 KB 602ms
599ms Image
image/png 2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/close.png
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Jul 2023 07:26:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNBG7B9sQu8%2BWRsDuc6XSOvfbIphyGQWuUC5wgjhtKHvA2tov%2FNtqkwL8iiyLC9%2Bmp60M%2F4OlUHxbmJXSWlFB4t4iYFbu%2FTmiKLbZacaThHGsdNiKIDPegBHmU0WKmy2AF%2FQ80wf1vjzulnWJLOnzMAF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 848b4c173f470a06-MIA
alt-svc: h3=":443"; ma=86400
content-length: 4393
expires: Sun, 28 Jan 2024 00:03:59 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame DEC6 58 KB
18 KB 71ms
70ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:06:03 GMT
content-encoding: gzip
via: 1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 68277
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: DOx0oXUc7VPITl8Z2sXCkMDyMgvflvi4aMTZtXuvqf5qdelEXLjgvA==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame DEC6 0
438 B 98ms
93ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fbolo.treksantuy.xyz%2F&r=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
x-t: 0.88
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReAI115xspbJwJilEnbU%2BpH5EZ%2FR0OD%2FsExC7TSI%2Fo4qIRto8F2zngV6B7Lg8WcnP5tO%2B99rvoAdBBH0x0VSOEC9fVITjFNe4Ydi%2FCXgl2FPRaeLX6xpjVmM60J3wPAhjF6zqIssQExCJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 848b4c174a88287a-MIA
expires: Sat, 20 Jan 2024 23:10:11 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame DEC6 33 KB
11 KB 71ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38440
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: FK8OaJdmV1-npIQIdpjQUBo9u-46ahd65sQD68nDZYok5PfsMgfXVA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame DEC6 2 KB
3 KB 87ms
69ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame DEC6 51 B
427 B 264ms
261ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=bolo.treksantuy.xyz&_ss=2bi2x180l8&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=62d6&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed19f70a06a3cee8f331195df96299b189d40dc2045862f4a5c1383815b725fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
x-t: 0.138
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o39ipjP1z%2B%2BEZinE19%2BC8guN9bklyw6WaHmDdpQS5kXHHZBj44C8NXDuXojO27MaELyBnHfsm4UQvo1PYivrLzm4GJQzVvzJWyBJrfD%2FmMzWulaC3Gmw3oo35cP0oU2gGj96EIyx46FOWVw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c174c8c6dc2-MIA
expires: Sun, 21 Jan 2024 00:03:58 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame DEC6
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01705795437671B15BDFA0C3AC9B3
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
https://pixel.onaudience.com/?partner=147&mapped=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&icm&gdpr=0&gdpr_consent=&cver
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=8f3fb1e796987083
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlVfR1djOTE2ZnBpQkE5S2ZEZGJfNzlaWjloYzVibkdROFR5dXFZQl9oT2c&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESED6t9u2CqtH85xpBidPdkfQ&google_cver=1

70 B
440 B

72ms
72ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESED6t9u2CqtH85xpBidPdkfQ&google_cver=1
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 21 Jan 2024 00:04:00 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:03:59 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESED6t9u2CqtH85xpBidPdkfQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame DA69 2 KB
1 KB 66ms
65ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.33264584707018696&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:03:59 GMT
Expires: Sun, 28 Jan 2024 00:03:59 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame DEC6 2 KB
2 KB 93ms
79ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.1321130549196572&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:03:59 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame DEC6 42 B
265 B 68ms
68ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fsky.pasukanantidepo.shop%2F&event_source=dtscout&rnd=0.1321130549196572&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame DEC6 50 B
462 B 71ms
70ms Fetch
application/json 18.173.132.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-31.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 18:48:30 GMT
via: 1.1 e811c1e9e6ed756b98bfcf15c74f6bea.cloudfront.net (CloudFront), 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, JFK52-P2
age: 18929
x-amzn-requestid: 423a8d85-a4f4-4ff4-9445-d5a4b6d1be7c
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: R2hLwEnWCYcEsfQ=
content-length: 50
x-amz-cf-id: OeivsyljivFTCO6HVgeDuLn39k1_Cblsi0bGGyRTOYhKs-t0DYlPZA==

GET
H2

200

5386 Show response
tags.bluekai.com/site/ Frame 4C03
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGgABWWsX20AAAAIA2FBAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23380%26cid%3Dc010%26...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&gdpr=0&gdpr_consent=

62 B
305 B

138ms
137ms

Document
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/5386?id=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&gdpr=0&gdpr_consent=
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Sun, 21 Jan 2024 00:03:59 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

content-length: 221
date: Sun, 21 Jan 2024 00:03:59 GMT
location: https://tags.bluekai.com/site/5386?id=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&gdpr=0&gdpr_consent=
server: Kestrel

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame CDDB 5 KB
2 KB 69ms
68ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2434
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: xv7SVmsQRf8V0fZ_WyyVAZqUEyZcpHGL-ZS44ZwMts_jv6F-cbSu5g==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame C43B 19 KB
9 KB 203ms
202ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:03:59 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 1771 2 KB
1 KB 68ms
67ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.1321130549196572&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:03:59 GMT
Expires: Sun, 28 Jan 2024 00:03:59 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ 43 B
178 B 239ms
68ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:03:59 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 1f534.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame DEC6 113 B
424 B 112ms
32ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f534.svg

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

93f28a18a1df638b539f6bde99c048a50ad7b8a5643c6966a0546a0c50f7cace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Sun, 21 Jan 2024 00:03:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 113
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2b50.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame DEC6 554 B
651 B 111ms
32ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2b50.svg

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Sun, 21 Jan 2024 00:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame CDDB 41 B
465 B 67ms
67ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 75bee475e0eb4e9aa841f244bca9cabcf4652cc75ffed66e332173e2d636d379

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://king.laskar2d.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame DEC6 5 KB
2 KB 63ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2434
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: oYlun0SUY-rbcjsTMfBnxIBYvGFsWGx69ADVypSFOieUcFsc6CEFgg==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame 326D 19 KB
9 KB 68ms
67ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:03:59 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame DEC6 41 B
467 B 70ms
69ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 75bee475e0eb4e9aa841f244bca9cabcf4652cc75ffed66e332173e2d636d379

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:03:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://bolo.treksantuy.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame C43B 0
289 B 65ms
65ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795439283&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=sky.pasukanantidepo.shop&pn=%2F&qs=na&cc=US&cont=NA&evid=bxMVp0YAfOjMhx6L9CIM&urls=&rnd=1705795439709&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=212

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:03:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:03:59 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 326D 0
289 B 67ms
64ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795439522&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=sky.pasukanantidepo.shop&pn=%2F&qs=na&cc=US&cont=NA&evid=ayMVp0YAACkTCANaTre5&urls=&rnd=1705795439772&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=72

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:03:59 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:03:59 GMT

GET
H2 200 style.min.css
markas-prediktor.info/wp-includes/css/dist/block-library/ Frame 12FE 107 KB
13 KB 528ms
518ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:03:59 GMT

GET
H2 200 cwp.css
markas-prediktor.info/wp-content/plugins/comments-widget-plus/assets/css/ Frame 12FE 227 B
285 B 529ms
520ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:03:59 GMT

GET
H2 200 sidebar-login.css
markas-prediktor.info/wp-content/plugins/sidebar-login/build/ Frame 12FE 2 KB
388 B 1104ms
1095ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:03:59 GMT

GET
H2 200 style.css
markas-prediktor.info/wp-content/themes/asteroid/ Frame 12FE 28 KB
8 KB 1105ms
1097ms Stylesheet
text/css 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:03:59 GMT

GET
H2 200 jquery.min.js Show response
markas-prediktor.info/wp-includes/js/jquery/ Frame 12FE 86 KB
29 KB 798ms
790ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:03:59 GMT

GET
H2 200 jquery-migrate.min.js Show response
markas-prediktor.info/wp-includes/js/jquery/ Frame 12FE 13 KB
5 KB 1073ms
1065ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:03:59 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 12FE 157 KB
26 KB 111ms
35ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://markas-prediktor.info/
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:03:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3283414
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760044-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 12FE 30 KB
7 KB 120ms
43ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465836
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c1b8f7967cf-MIA
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 12FE 21 KB
8 KB 109ms
34ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://markas-prediktor.info/
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:03:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041565
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760044-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 12FE 62 KB
16 KB 109ms
34ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://markas-prediktor.info/
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:03:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489630
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760044-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Banner-Pdtoto-New.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZ... Frame 12FE 258 KB
258 KB 790ms
641ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7RT7CUs3Cxz6MCwS0LAlAvQUwiKk8pAjJPuqQ4SIzOyC3Bo3lI2_wDWzHFhpiTPmtbN-k4nNd3AP2ZnCoFKp_giFjWka1dGvWwpytjKzNmKDGDB0e7wZD6k8KN1cg1vFydQW1agN6qFvrE6PZvmwTjL5YvrvtHikeCfV6za6uDVQSe9uERqpVzNT8q8s/s790/Banner-Pdtoto-New.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v19ff"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Banner-Pdtoto-New.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263986
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:00 GMT

GET
H2 200 HD-PALING-BARU.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQ... Frame 12FE 4 MB
4 MB 1020ms
872ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjm0L3uDC8G6JyI1jHdOIJOCtBWVq-SBA_LZHQP9inKqDC7O1rVWd5nDcpUDJ60uCAKnmcwFFxejvdXQfjlco96pwX5WkVG5dZk93FKDSLBnJAQNVjTdPLTKStz9CNKJsOCKF5bbAuGaTPQveMQDL2NHzbtUZS7OXdZTUTUk4WZzT0f17hC1uJqZlgbLho/s1920/HD-PALING-BARU.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v19fe"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HD-PALING-BARU.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4156688
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:00 GMT

GET
H2 200 FANTASITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdA... Frame 12FE 53 KB
53 KB 519ms
518ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39TlbTLA_vPuFqImAd5n3ObqWrAqFmInyTcCZkuLFyaW2_Z29vqc2C_hJjQCKDalY3UzSmztwSr3nMYU74EtLpRV0OLJBeiXVOunWvOgW3VvTrSi1VawGHG8WrUQR7LJ9xMh-WuWoMkC26HdALfb4aT8Sayi_pQhSTnDlDVoGQsKNkzkDEPKoPc_fxLk/s480/FANTASITOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1dd9"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FANTASITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53806
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 FERRARITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q... Frame 12FE 652 KB
653 KB 657ms
647ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjps7PNclYSPC9bIaYsNA50JZsZGQAU6i-7Po8bqOKMhpqPWYJsHDPOI7qxx_CYNwIWUyxG9VnsOXaEd73XO6ob1n-6xzhmtcdPj1GUl9h7TnfHpqf_8YALmXSZWVKLPosOTVBLmZGDKhh1kJ-q-RaNPOFUWMExObcxOpPmAizYrvfpjZRWL2O701WuU5k/s480/FERRARITOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddb"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FERRARITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 667906
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 UNGGULTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3o... Frame 12FE 397 KB
397 KB 898ms
888ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhiDUnzOnDdSWCW159k-_LX0Cl2QDUqCPAiUaoKgBFZi3K6pHY_H7SWvkbk3vf4LnYvehr1ahO9sOYu8IKropXsRBOMMKz6UNJtqTlwzb-n6d3Y9Lh25_T_trwZCecuhc8TgoS8Y96zBdwcJv3oKdIuQoKWSrHwhQ2BAG45_8n_2ouOzwT0Vd8x8PmtQas/s480/UNGGULTOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1ddd"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="UNGGULTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 406681
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 SAKTITOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8... Frame 12FE 443 KB
443 KB 626ms
617ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgrgMcEEoV5TvSthQ2ysbTDma1X8G4_Y5-WYbqx8wliI0i4iPglhffnuyAEx2wgTyyAXVUWh_hPJuPKQj_92lHlLRW12B1T5txcSPzUtznqTkL1Y3E5rU7sNDzw5n_JnGNnh1ueQLi4oVKD8Qq8r6MqKOaD3dTqKer6NRTD_dw0Z9Yw3YrOZNa7Q43tJ3Y/s480/SAKTITOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de1"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SAKTITOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453342
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 PILARTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJq... Frame 12FE 829 KB
830 KB 492ms
482ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA9ESxBRLCKjwxVn5y2Mka3EHPseidrDg8U0yRqXjScNAijCGs5d1peAPFIrQ8nKXSVrq44gm8AqBBXkLP6y74k5IF4wTAC5KZx4QxdsDPfGZitidsAw7psuVbFjL9Os8UCDSi37AH4MsZdRJql1WttVPPOpvKeggq4XSYmRVQuFuArq8rZMyJ6D2BlB8/s480/PILARTOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PILARTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 849066
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 WAHIDTOTO.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKR... Frame 12FE 736 KB
737 KB 626ms
617ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj6HHjdl6Tpz-eSTjdj37xENBMjrgdj-Wd1dFq3IlK2foZg39rqEbtV1bZi4uJNSiucg0Tgf5psfUkycaXow_xsI5p3mxFZeeKfN1ov_XKBXUroutgFtnivn46CnsggenRXC2BkM6FEX6xZBPKRqKW1-4AVsE9VDgppxcjrWGPUTvhXs5O8caFiTw7XITU/s480/WAHIDTOTO.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de2"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WAHIDTOTO.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 753707
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 energi%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcd_6SbNQ99XT55xk6HragvTgvW3NLi-I_7bHLaun0Ag0vc_7f1bgivGIuKkd6pUcJ0WsvtZ_yJPnZKqHNO2sI20DsMdXzIwHnIZqYKNp_O6Z2ZkJh5JRTkAg_6udkPzJ-nYkiCtHYRXeedER6... Frame 12FE 459 KB
459 KB 722ms
713ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcd_6SbNQ99XT55xk6HragvTgvW3NLi-I_7bHLaun0Ag0vc_7f1bgivGIuKkd6pUcJ0WsvtZ_yJPnZKqHNO2sI20DsMdXzIwHnIZqYKNp_O6Z2ZkJh5JRTkAg_6udkPzJ-nYkiCtHYRXeedER6chXzrDKr06HgvsVO7K0-ZhM7DrwlizaBFP5Rlyb9oYU/s480/energi%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

859fc224dfddea3a5015809ea2d6f46bd8510f039046c3c158f7c018d8f5fbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d72"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="energi toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 469976
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 gas%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8o2khkyJmyjeKKryUtVWCD8NYEFirgx7mWmm39piLZL0Vcbqm3XpPhtT6YhFT0sLJsuOgzSUtn86hOSSDru6sdPskLiucWb220oM-vIBTmE6jCFOsHo3xl0UwIql1KLV8IEg7sa3ULv11gzHc... Frame 12FE 854 KB
854 KB 658ms
649ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8o2khkyJmyjeKKryUtVWCD8NYEFirgx7mWmm39piLZL0Vcbqm3XpPhtT6YhFT0sLJsuOgzSUtn86hOSSDru6sdPskLiucWb220oM-vIBTmE6jCFOsHo3xl0UwIql1KLV8IEg7sa3ULv11gzHc52Pp5LZTGU0FTdQgT0Yk5lkxNoPIaALhdgi8uR6Vtko/s480/gas%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab28525af13ce6f2aa74c54d16f533ee08d6df5555277b29093bb98a3df58a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d71"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="gas toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 874244
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 apik%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV0OPcAYjgavrOnRETpMZHfxtk1pwNeJeg38Hkrm6cE5Mh1BiBCBFIYlQcrH9msRNgS2PpeteBebAQAQ-9lYSsBMXrQXcAQThbOAPYy3bTC2IDE0ztTRXRc_PiRPQX56BpnDoYs96xjknK3mXS... Frame 12FE 254 KB
255 KB 899ms
890ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiV0OPcAYjgavrOnRETpMZHfxtk1pwNeJeg38Hkrm6cE5Mh1BiBCBFIYlQcrH9msRNgS2PpeteBebAQAQ-9lYSsBMXrQXcAQThbOAPYy3bTC2IDE0ztTRXRc_PiRPQX56BpnDoYs96xjknK3mXS3_GDU_ZJB-i4K_VOwXgpxsRA3_SZ9QVrPodghsW_5Cg/s480/apik%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e1069c844742374ce5d55bf288826350c3c5c26c1bcdbde43f76c51c8e2df535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d6c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="apik toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260556
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 agung%20toto%203.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3oHrazPbRV_KiLS3VFJgcE1dNIDdcdOGrPaSOv45k9JSYoRpxvpmYTVw9NLfn95B3obtJ02bARci_4NRp8PqauNjFLIttAluvp4iob0jse_ERv0WWOWmdkHOhEzu8VKdVThprW5vC333101oD... Frame 12FE 384 KB
384 KB 668ms
660ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3oHrazPbRV_KiLS3VFJgcE1dNIDdcdOGrPaSOv45k9JSYoRpxvpmYTVw9NLfn95B3obtJ02bARci_4NRp8PqauNjFLIttAluvp4iob0jse_ERv0WWOWmdkHOhEzu8VKdVThprW5vC333101oD7d9brne0dmhSzxtsuGTZs4BDYSLyrFYrQPyyLpt3Q0s/s480/agung%20toto%203.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

51657894d582014e07c19a90007b911b5778078a5838eb727f3656fa438be887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d6f"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="agung toto 3.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 393106
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 velbett%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD... Frame 12FE 1 MB
1 MB 1816ms
1808ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJuVwzBAHk_hzKg92ldLFilxyzprVOiXhlypS8fvX7CDYMw-Cn7plb7DOrhh1IYLEd6QqMR4dVi9943eFu3V7h0CwXsAdMvBPZPDMuO6crEUPDmgKZmqpvlheR4PsjNOy5xdZ9O6xa9LV5jALD4oTMb4lofHlAVfFdnr0SeT3xAw1lgyy4zvjykWuJf-Y/s464/velbett%20464x100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v245a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="velbett 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1160950
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:02 GMT

GET
H2 200 BB.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnu... Frame 12FE 2 MB
2 MB 532ms
524ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCPDNZbcoPPaQZqnPhbQ1oNpSrk9WuBoq3ogtRfUpSogVyVFhvIH7YLSFJp-B8CvjGfItm2KSqXcIxg1lXGzJs36pi2rxiKeSNrTrZNHxz-O4BpwiSUa_kiXd-Ry-q3Z7Wi8aAUtncONC8yBnuHQuokD567h3b2PxZsK-ghUD_XJR_zr2BY1tZ2JGZaeY/s900/BB.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v23b6"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="BB.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2182693
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 SJR%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24n... Frame 12FE 2 MB
2 MB 1803ms
1795ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV1KGD7jwutaEylpW6V0G19eedvLKygNKh677vdYOdHJLb4pE6Jrdv3eVvfPof4NCAMDOtOHw7RbdAwlTlmZ6IPX1CQH_CvaMhpIJPTy0Fmvuw5umbh3KTsrQooiB2Q-AIB6X1yic14EuFF24niEH2joCXIiJ1RNib5prWJCKCGlRNMObw7ynBxnBZSGo/s464/SJR%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v2460"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SJR 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2054449
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:02 GMT

GET
H2 200 fb.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3C... Frame 12FE 733 KB
733 KB 729ms
721ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzBuX_7mV7-tU86r24tOzm_wV8s0WhXy1TdJMPbakqoyZ-b3RbokXpUHhItXnv4badA3jIWVocZk96BegEtPUNmIvksnNGn-_OnKUkcshFpU3EE8JR_YdzsZkTN8UUN5jG-sLGPQu7dC3EyH3CWIE2BJDeH5fAfWH-9gEQRQcg169RGu9PqQe0lSj5F6A/s464/fb.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v2463"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="fb.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 750125
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 FF%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpq... Frame 12FE 2 MB
2 MB 1996ms
1989ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiIzWQxQSAIRi0jgzaeznZZ3-ibaDkTfbBvK4QyR_Y2_5MjsjN3yLplm3xU00O06OsFSp6T7POskvfoWNQgNf_4nCVN_SIUygUBxuz2_wLppx3UtGjIhek9mAOfDDzmewMHJITTeyP8DoYuGpqc_wovaBih_pCQHFrJJL1SyO6CvZ5ufsCNG0W5KtKr3I/s464/FF%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="FF 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854572
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:02 GMT

GET
H2 200 IDEAL%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3... Frame 12FE 812 KB
812 KB 1177ms
1170ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr_-RFYHnn0o2cX7sGLgHLJYRGtc69z_P535PulCYriy3H_iqNsCWhZWa9LjG7CuJS2Y56flst4HG8hRuSl5fFUS4xDoWpG6aIZgvnfKG3OYxa0b0h8EkSMwmcfVsbgO8ELvpa-Uf9U-n_0nl3YnWtzbLyfTeNHalIGtjetx2EWChpJlYi0-yGJBE9VGE/s464/IDEAL%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v2465"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IDEAL 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 831342
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:02 GMT

GET
H2 200 LM%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby5... Frame 12FE 659 KB
659 KB 1566ms
1559ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvhjeujDjO0MgepqC4AokorWs7aLU8PgVym0Bn-f1MWCuGOsqq3x6lrQz6J6hPD9IX9_cLoG0VTRS_uAGqyEgxcxPTzcj9DQigp3ZRi6CB85w87VL0AkNZ1E6Zkys8Ijyw_EBYG8XXvYvTqby55bGUXFeSjX9eio6yDzlgZxlugHCplEOWTRFsr8p8qQc/s464/LM%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v2468"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LM 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 674423
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:02 GMT

GET
H2 200 hermes.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNT... Frame 12FE 1 MB
1 MB 2157ms
2151ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHmg5qyKjlMNm3L5mYhOI5iLXg_UgVoktp08gS78J7xC3FWzu4cO2Mba69U7Sgho-97ns_lWR_6c8hLOV9huLU7nZQKeZNTewhdxqnnO9fisOhtCSgZJdFg5nn5ktIcbPqBDCICk9G3yqOjTNTzNBD6E5dLot3hLcW5vs4dHSTeeqFxCgDayhmjP9iWmg/s464/hermes.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v246a"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="hermes.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1145741
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:02 GMT

GET
H2 200 marvel1.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH... Frame 12FE 718 KB
719 KB 1264ms
1258ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6fMzOoGECmCzeWrab8oLk6TzoJX2fnon6qBxpz-kmTMj9jRg7AcVAF-G0v_b5mwPN1VxGMMQZN8JZfwTc62ZmJtMANpwM1VatiboN3NhkzjWvJTGHvumla46e3PWZMJhzGxnjcJAp5M5BtLfH8zPIHR2ShdizYM9xHWO7w7vAdio1RjufRcR6eixGnbs/s464/marvel1.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v246c"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="marvel1.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 735376
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:02 GMT

GET
H2 200 mtr%20464x100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9P... Frame 12FE 309 KB
309 KB 1148ms
1141ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhIPV4eikD90GNxGUcSHkIRNGmWbQElAkGDtNcW_rraYSTuWLKYW3tA4qxzMXUQGtjViDRBQHtIXvsyoJWta8R-GoPqVRtkdcm0gT9cunZRVGe4-dIJMycN7rOVA8_6tAFeyfm11WTuD9iG-Z9PK_XM7as8TGAbit7Tnwozg7FiK739RYULqAnzNwBK320/s464/mtr%20464x100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v246d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="mtr 480x100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316421
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:02 GMT

GET
H2 200 PENUHBETT%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihHjNCCGyFzkDfwmtOldZw-nhbAurEH_jWBw0DqUiZYRloN5czcnp8yHQOgpj7QJY5IPRfT4EwZWp9lXe5hgp4-_Dkq7uhW_awvKmPqSQ6SsWabbE4Zy3Wom20uf2JC9WHoywcqdTq4PfZZF03... Frame 12FE 2 MB
2 MB 2148ms
2142ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihHjNCCGyFzkDfwmtOldZw-nhbAurEH_jWBw0DqUiZYRloN5czcnp8yHQOgpj7QJY5IPRfT4EwZWp9lXe5hgp4-_Dkq7uhW_awvKmPqSQ6SsWabbE4Zy3Wom20uf2JC9WHoywcqdTq4PfZZF03rN34plazLw_1FhY_Mvzbs-uyf044Z078ezKrhalnR9A/s464/PENUHBETT%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7a268fe54141807077d99c931e63dc4ed814892add35accf4f92fb98b0030d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v245f"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PENUHBETT 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1802346
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:02 GMT

GET
H2 200 DOMAIN%20464X100.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGp... Frame 12FE 1 MB
1 MB 2189ms
2183ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhP4cl3x9xoSpU_sqNLz9sgFqJCLYLAbsTbLe4NfmjjStA73ceVoD_4BLJDPRJnoEkIDoNJURRh7WSQ6n374oWuTn6E0UhuhrnEPgLDmsGM4pJw8gXg9U2HxoaHNyDgwlvC1b_08xdu3xduSPGpLr_uWaX72mqDaaHh_Xh7qjM6j8LLPDY1SpTfUPIXexE/s464/DOMAIN%20464X100.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
x-content-type-options: nosniff
server: fife
etag: "v245d"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="DOMAIN 480X100.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1492639
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:03 GMT

GET
H2 200 romobett.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBZmw8QjJdYHlO1X3PZbVty-fd1oQT2kaybeHrQSNy8fNPjdATnqB_jTgkEXqk9ksRYdyftZR9jvICiE_O5e9Hk4Zub4rfypu_2E-y681ZP04ArVY3gOQb4fB9oZptwkTclG6whLQI7S49OJI8... Frame 12FE 2 MB
2 MB 732ms
727ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhBZmw8QjJdYHlO1X3PZbVty-fd1oQT2kaybeHrQSNy8fNPjdATnqB_jTgkEXqk9ksRYdyftZR9jvICiE_O5e9Hk4Zub4rfypu_2E-y681ZP04ArVY3gOQb4fB9oZptwkTclG6whLQI7S49OJI8YQW3GabW-bhhXGskmK2eKTsk36bAG9eWOHYz9NNnKN0/s900/romobett.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cabd6c6e2ce478bc6a9344f5f75f501bbf6b7ba8fd54d7487e7a09279f3a34d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v20a7"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="romobett.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1595918
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 NAGAMASBETT.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5G... Frame 12FE 173 KB
173 KB 728ms
724ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4THQRYMONsRn9oaWVSFDGvDQccUo2P64crzNv4AImwHrno7xTFDqtEnsx20P0J1TZ_JIKz5hVeOZJF8-qIZlmR6TAedMpMUMqkENyKw8CDssR9fGd06Q4Vq3vaEpXitON2vcaK7DJtZHjdV5GE9r-uSjor7Mh7DfmxtWmAoBlO-BZ4l2RtWdQIgOD2pI/s480/NAGAMASBETT.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1de3"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="NAGAMASBETT.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177233
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 banner%20gif%20pasarbett.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifQGtsxCp3OeLvd1Lrhg9PmZ0YLr6TS2Q8cUFn3o9F6ZaUFaMVY39HddT-Yxn8nKqVYlt3SSVFkACEJF_mENwzUU78va4bupjbIhlCnLRY6LYIiYJEXOz2isxRZbKW5vY8OdK523YZgLRS4h15... Frame 12FE 16 MB
16 MB 1064ms
1060ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifQGtsxCp3OeLvd1Lrhg9PmZ0YLr6TS2Q8cUFn3o9F6ZaUFaMVY39HddT-Yxn8nKqVYlt3SSVFkACEJF_mENwzUU78va4bupjbIhlCnLRY6LYIiYJEXOz2isxRZbKW5vY8OdK523YZgLRS4h15-2UAhAryQKVW9TipjqURv_gTlHY9hhTVPobsb6KdbbY/s980/banner%20gif%20pasarbett.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3485295530761106ba56255187cc1f9a7f7cddb3b54eb1030dbd0c415b76afbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d0e"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="banner gif pasarbett.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16315436
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:01 GMT

GET
H2 200 banner%20gif%20idealsport88.gif
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVJJ1AmWumNs9-LLxJVOnV6hsT7JgwrRId33gNFQQoyqiYG44FQSz1ByFtJwEVsfDI5GFVdUbLnUZAuUWAgOnUhT1euUdOv4tEOSV-qzbTd7t_0dFTHpwYLgtq3JLK7X4c2l04Mewm_DUGzqcn... Frame 12FE 1 MB
1 MB 2154ms
2150ms Image
image/gif 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVJJ1AmWumNs9-LLxJVOnV6hsT7JgwrRId33gNFQQoyqiYG44FQSz1ByFtJwEVsfDI5GFVdUbLnUZAuUWAgOnUhT1euUdOv4tEOSV-qzbTd7t_0dFTHpwYLgtq3JLK7X4c2l04Mewm_DUGzqcnMcsYZu90EyuhjO8lCv0iP_bu_Fkgq3COfeEdiVwtlOA/s464/banner%20gif%20idealsport88.gif

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

31fbef2d8aa8eb899334230f74c59be161cb7a3fef953d60d698855548e7c825

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v1d09"
vary: Origin
content-type: image/gif
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="banner gif idealsport88.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1559165
x-xss-protection: 0
expires: Mon, 22 Jan 2024 00:04:02 GMT

GET
BLOB 200
OK bb3ffb23-e1b3-48db-a69b-283e8b80e882
https://markas-prediktor.info/ Frame 12FE 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://markas-prediktor.info/bb3ffb23-e1b3-48db-a69b-283e8b80e882
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 style.min.css
rtx.dudasoleh.lol/wp-includes/css/dist/block-library/ Frame A954 107 KB
15 KB 56ms
44ms Stylesheet
text/css 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:09:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27146
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DlOrnjJ%2BWz%2BpuHGGJUTlRPL1X4m5d8yb3xZ%2BFfQct%2F9HOEeBw%2FLfCQ9ltg7eUN%2FV%2BrITVh5JoZilxFU%2BM3UpalfdvrghuHyXj6Uv3VXW6PUqB282EuP%2FugvZeNna%2FFchLjMYXFVyeldn5wbnvsBlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1bfa51da77-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 16:31:32 GMT

GET
H2 200 sidebar-login.css
rtx.dudasoleh.lol/wp-content/plugins/sidebar-login/build/ Frame A954 2 KB
755 B 52ms
41ms Stylesheet
text/css 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1688220023
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27147
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5rjNx43msRTwZimeahcBCHej4eXNFZmRr2vSlRmO%2B99m2a1jkynuQkG2VzD7v2OaqRT%2FiV6EqWIQkxVQhQrV3WJtHaCwsfIO7aWworG2EK1f6wrB9aAS527bccr3INwDSakHBFno10YsI2uEfSgYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1bfa52da77-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 16:31:32 GMT

GET
H2 200 style.css
rtx.dudasoleh.lol/wp-content/themes/asteroid/ Frame A954 28 KB
8 KB 55ms
45ms Stylesheet
text/css 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 27 Aug 2023 05:59:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27147
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGU1%2BdbikM4QUbU1GLtzCb%2BGBdOEL%2Fkh8rzb108POBQpLrQ8q2NbhjygfyYmobmgZ2mCl8iJ%2Fj1NMoxvbblCIssT3URAd8yU81eGY0WIsJiYDB0ehvt3hyPCXPmX8L973WuDBdxxP5n%2Fz63dRANKJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1bfa53da77-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 16:31:32 GMT

GET
H2 200 jquery.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/jquery/ Frame A954 86 KB
31 KB 56ms
47ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:09:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27147
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFLLhrR1fKETVkTk2Gs%2BYbBSqn9oW2%2FVHOczqR6fMiSm%2FlyeiXddCho9HyRTtnJG%2Ft7Ranbz0BykqjUD1CXGvhaWBNfIcDcKa2f8t3lPbsiOOnS0ckCKeQ9QXG7u8gA0hk7zSNPOEegzfLCG5UjbZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1bfa54da77-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 16:31:32 GMT

GET
H2 200 jquery-migrate.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/jquery/ Frame A954 13 KB
5 KB 51ms
42ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Aug 2023 21:06:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 27147
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9x8gCcBdJy1VGFFtjNXr1Lixzr5Bjt0VAcdc%2Foyt5Z4xOwhz2g8s661k0uAojplrZb0YT2bpagWC%2Bi8V%2Flm3aAl8CO43X87qeHTBZ6%2ByspWV5OTsbK6CXvAwV31tKaXNarDX9X5h7uNCf2PNcIq5Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1bfa55da77-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 16:31:32 GMT

GET
H3

200

/
bolo.treksantuy.xyz/ Frame A954
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

757ms
756ms

Image
text/html

2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sun, 21 Jan 2024 00:03:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beM1xQOMqTA%2FBVdnmq0FlUNwDzgV3jV23MckyxtNvzy%2F2weZxCMXfOiaBpJoTWKNoypWE5hmy4YWlH4%2Fj5%2BaiLOZO8lHs8MfUQdHgaGWFhGAAockCkz%2FQf79bUWPHeaZwwpCIlN7U%2BYFZoD2Eq2Iyg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 848b4c1bfd1521c7-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Jan 2024 01:03:59 GMT

GET
H3 200 hknalo-729x90-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame A954 105 KB
106 KB 80ms
74ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/hknalo-729x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:03:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 12:50:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 107905
expires: Sat, 17 Feb 2024 16:16:44 GMT

GET
H3 200 new-bandarnalo.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame A954 100 KB
101 KB 96ms
94ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/new-bandarnalo.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fffe2bbb1e6c64b3540176029b620af1fcbbc30861c94299b895760b80cd7357

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:37:19 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 102622
expires: Mon, 05 Feb 2024 20:52:18 GMT

GET
H3 200 paitowarna.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame A954 156 KB
156 KB 98ms
83ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/paitowarna.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8a68e4e1e0faf5cec1082b25b95f4d820985fda95177b826e7c16a70f5afae19

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Oct 2023 12:35:44 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 159643
expires: Sun, 21 Jan 2024 06:39:22 GMT

GET
H3 200 729x90-animated-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame A954 327 KB
327 KB 108ms
93ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90-animated-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2e3778a72114f13a5b18b9d25df758bfbf0d55bf442ba5c9007b96593d959b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Oct 2023 12:16:32 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335048
expires: Sat, 17 Feb 2024 06:28:12 GMT

GET
H3 200 729x90_agennalo.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame A954 327 KB
327 KB 115ms
100ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/729x90_agennalo.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f017d1630a163790465f348b29d4721facb1d4353e695dd730b869e28e4bcd3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 25 Oct 2023 19:28:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 334612
expires: Sun, 18 Feb 2024 07:31:59 GMT

GET
H3 200 unnamed-1.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 205 KB
205 KB 123ms
107ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bfcef82755bac56e01032d196dc587e851fcfb9a2a1882c7e283b9ea451a17a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:46:35 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 210028
expires: Sun, 04 Feb 2024 18:20:03 GMT

GET
H3 200 unnamed-3.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 224 KB
225 KB 126ms
110ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-3.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e78ac302ebdef9842d5c628cef762ed1ad4b9650dd4915810cbf3cdaa86010c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:48:07 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 229818
expires: Sun, 28 Jan 2024 13:01:09 GMT

GET
H3 200 unnamed-22.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 292 KB
292 KB 126ms
111ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-22.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d30f436b9752f07747f2b72cc77985554918de4f9b5e74c65271c89e3b1501b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:19:02 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 298675
expires: Thu, 22 Feb 2024 11:37:59 GMT

GET
H3 200 unnamed-5.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 362 KB
362 KB 128ms
113ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-5.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

87d3abed87820941c3f8f4d8cc01563a8ef74d7886c948b9b0da3e3929bfce92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:51:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 370255
expires: Mon, 29 Jan 2024 17:58:49 GMT

GET
H3 200 unnamed-6.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 507 KB
507 KB 130ms
115ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-6.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ac6002b55a7bc33de07da0fc1391dbd8b61598823a7768591aed4b0e4a5e421a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:53:48 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 519311
expires: Thu, 01 Feb 2024 13:36:16 GMT

GET
H3 200 unnamed-7.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 528 KB
529 KB 136ms
120ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-7.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

06710711e7517c22412aa923d472e9cce857b02605e4c0049cdc7edb666a132c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:55:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 541175
expires: Thu, 01 Feb 2024 12:45:20 GMT

GET
H3 200 unnamed-8.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 355 KB
356 KB 140ms
125ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-8.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ee5599420176d6c73cb80505f7d287e527d903336f0cfb2348ace130fb7d6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:57:28 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 363774
expires: Fri, 02 Feb 2024 21:18:28 GMT

GET
H3 200 unnamed-28.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 328 KB
328 KB 160ms
144ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-28.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8ac1e08581c5691d74fb1a69b925f400e14db93ddc9451db0b72456e4af3a2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:13 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335785
expires: Mon, 12 Feb 2024 15:00:38 GMT

GET
H3 200 unnamed-27.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 289 KB
289 KB 165ms
150ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-27.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cdf948f65cf951821da557dc5b8cc9067c64589070285feab8aa6f7c64657e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:18:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 295549
expires: Tue, 30 Jan 2024 10:59:57 GMT

GET
H3 200 unnamed-26.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 262 KB
263 KB 167ms
152ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-26.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbd4ea5e26cff619ebe31130ce16126cdcaff265a697139b20c80a960954832f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:17:49 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 268554
expires: Sat, 27 Jan 2024 19:14:15 GMT

GET
H3 200 unnamed-24.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 228 KB
228 KB 169ms
154ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-24.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e22819d3433cfdb5d3f848fee01b7cccc863970901de5efa3e80a7eadbd48c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 232980
expires: Wed, 21 Feb 2024 11:31:06 GMT

GET
H3 200 unnamed-25.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 693 KB
693 KB 429ms
415ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-25.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e31a5516051e3dcd6be48ada99dbf2d270db37dd3a304fded21e105f6c733bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 709526
expires: Sat, 27 Jan 2024 08:23:41 GMT

GET
H3 200 unnamed-29.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 193 KB
193 KB 429ms
416ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-29.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2388f1b8ef95668322254f1ae8523c148beceddccd6e239bd683281835e1180b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 197657
expires: Sun, 11 Feb 2024 20:03:03 GMT

GET
H3 200 unnamed.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 250 KB
250 KB 435ms
423ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5ce581a1bb3ae65bd553d034f9d5973dd8af7f856d2bd5efa095ed41cee7f949

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:44:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 256150
expires: Wed, 07 Feb 2024 10:36:03 GMT

GET
H3 200 unnamed-10.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 270 KB
270 KB 169ms
156ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-10.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:31:01 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 276544
expires: Sat, 03 Feb 2024 11:11:36 GMT

GET
H3 200 unnamed-11.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 247 KB
247 KB 171ms
158ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-11.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:32:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 252743
expires: Sun, 11 Feb 2024 14:05:02 GMT

GET
H3 200 unnamed-12.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 282 KB
283 KB 187ms
175ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-12.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:33:50 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 289127
expires: Fri, 16 Feb 2024 22:13:10 GMT

GET
H3 200 unnamed-13.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 514 KB
514 KB 192ms
180ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-13.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:34:55 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 526000
expires: Sun, 11 Feb 2024 01:50:47 GMT

GET
H3 200 unnamed-14.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 291 KB
291 KB 195ms
183ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-14.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:35:54 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 297540
expires: Tue, 06 Feb 2024 19:30:34 GMT

GET
H3 200 unnamed-9.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 194 KB
194 KB 197ms
185ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-9.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:27:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 198395
expires: Mon, 12 Feb 2024 22:33:45 GMT

GET
H3 200 unnamed-15.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 388 KB
388 KB 200ms
189ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-15.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:37:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 396918
expires: Tue, 06 Feb 2024 18:52:34 GMT

GET
H3 200 unnamed-16.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 326 KB
326 KB 223ms
212ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-16.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:39:46 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 333383
expires: Sat, 03 Feb 2024 01:45:14 GMT

GET
H3 200 unnamed-17.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 312 KB
312 KB 230ms
219ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-17.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:41:12 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 319266
expires: Wed, 07 Feb 2024 01:41:58 GMT

GET
H3 200 unnamed-18.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 188 KB
188 KB 231ms
221ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-18.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:42:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192555
expires: Wed, 24 Jan 2024 21:46:19 GMT

GET
H3 200 unnamed-19.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 280 KB
281 KB 232ms
222ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-19.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:43:23 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 286968
expires: Sat, 03 Feb 2024 06:43:58 GMT

GET
H3 200 unnamed-20.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 351 KB
352 KB 250ms
241ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-20.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:44:24 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 359746
expires: Wed, 14 Feb 2024 04:16:09 GMT

GET
H3 200 unnamed-21.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 265 KB
265 KB 253ms
244ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-21.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:45:42 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 271048
expires: Wed, 21 Feb 2024 00:38:41 GMT

GET
H3 200 dewagg_gif-banner_prediksi_728x90.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame A954 118 KB
118 KB 258ms
250ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/dewagg_gif-banner_prediksi_728x90.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b39b662997f28827a3d141e224cd93db44e6251335d0f0a19c5971c5f800aef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:12:44 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 120678
expires: Tue, 20 Feb 2024 17:42:36 GMT

GET
H/1.1 200
OK 4789623.gif
s4is.histats.com/stats/i/ Frame A954 832 B
970 B 222ms
69ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4789623.gif?4789623&103
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 8c81e09b55cfbf8adbf186cc23186123bfe3616b7166dc76ca0191a256db993e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:00 GMT
Connection: close
ETag: 823876386
Content-Length: 832
Content-Type: image/png

GET
BLOB 200
OK c0abccec-65e2-49e3-9f9a-e1ae3e0da86f
https://rtx.dudasoleh.lol/ Frame A954 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://rtx.dudasoleh.lol/c0abccec-65e2-49e3-9f9a-e1ae3e0da86f
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 1ED5 0
0 263ms
66ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=81593
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 4e3df844337032b56b8434990b0f76ca.cloudfront.net (CloudFront)
x-amz-cf-id: P4TwSBjHpOYHICfIk01GY-7iB3ngecbzsKCJ6vnuhxJ5NQ4CtwmjFQ==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H3

200

result.php Show response
wget.angkapaito.net/ Frame 2782
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
930 B

81ms
80ms

Document
text/html

2606:4700:3037::ac43:b044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ba7b41090aabbe09b55d93951cc7f37e685bf5d27fd3283e73d3e8fcf5bab3

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c1d58c6b3c8-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfKdV%2BPwBA%2B2%2FYPxxyU3MuPfpDFgbGhjjZxgcOadrqFYd4NDnvkUrBqqonfwWMWtj7250HH7WKjxCw4T8Ga1b5sxtXjN%2B0fRq9j4x8%2B08ZE1TtHioFmV7rMBy9QmsftNPL3fMSFRHxISa7oQz244QHuA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c1ccff6b3c8-MIA
content-type: text/html
date: Sun, 21 Jan 2024 00:04:00 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUVuNLcL3GX1T%2FyD%2B0v4J2HmZIxmn3zwQMg7cL5UA%2BRIwbq8bK6YxecIm3F49eccq0ZWKh5Xgzw1rDQreMYm8pnsnKF%2B3ztPfP8zCRZeox2%2BZbwnHvb8md9P8ILcrv2ICH0AbIkBHDxkTxMFUe5Cjz8YOiY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 hknalo-729x90-1.gif
antoboomerblog.files.wordpress.com/2023/10/ Frame A954 105 KB
106 KB 255ms
246ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/10/hknalo-729x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 12:50:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 107905
expires: Sat, 17 Feb 2024 16:16:44 GMT

GET
H3

200

/
bolo.treksantuy.xyz/ Frame A954
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

679ms
678ms

Image
text/html

2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sun, 21 Jan 2024 00:04:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5atUoNm4R6E96x5nGzo9Jy7aYeZqmHg55PhKxJq%2B%2BpRDtQ5JQE%2F5cC1ucr%2B%2FK3LDBjfOkCjSGVthgm0wt6mDn5dy29UjtEkQxAysh7QSpit8RmvVEKP3q7PzSzQNpkHtNkLHFgSEDPPXxQYb73orQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 848b4c1cee4f21c7-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Jan 2024 01:04:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame A954 11 KB
5 KB 58ms
47ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39475
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c1cdfe9d9d5-MIA
content-length: 4547

GET
H/1.1 200
OK 4710982&101.gif
s4is.histats.com/stats/i/ Frame 12FE 788 B
926 B 200ms
66ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4710982&101.gif?4710982&101
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 303e9dd043074c40fcb0cfff2f45edc1e217faf0ce1c352b9d31c80c8f19215d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:01 GMT
Connection: close
ETag: 499809714
Content-Length: 788
Content-Type: image/png

GET
H3 200 wp-polyfill-inert.min.js Show response
markas-prediktor.info/wp-includes/js/dist/vendor/ Frame 12FE 8 KB
2 KB 336ms
328ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:01 GMT

GET
H3 200 regenerator-runtime.min.js Show response
markas-prediktor.info/wp-includes/js/dist/vendor/ Frame 12FE 6 KB
2 KB 285ms
277ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:01 GMT

GET
H3 200 wp-polyfill.min.js Show response
markas-prediktor.info/wp-includes/js/dist/vendor/ Frame 12FE 112 KB
34 KB 285ms
277ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:01 GMT

GET
H3 200 frontend.js Show response
markas-prediktor.info/wp-content/plugins/sidebar-login/build/ Frame 12FE 4 KB
2 KB 284ms
276ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:01 GMT

GET
DATA 200
OK truncated
/ Frame A954 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame CDDB 43 B
177 B 84ms
82ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:00 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 jquery.modal.css
rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/ Frame A954 823 B
818 B 630ms
617ms Stylesheet
text/css 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 09:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQLz%2B1VDpy97LWB2HWaJWpbpa%2FfXv1bNC78pkUfBkOxbGq%2B3w3vQrI8J9CXFUHIFcENKaieU6CQeMpd2TlXCDUiC3LDKvzlgkoCvxDFi74iVAjDu2qJUA9dcDvclaqSbb%2Fu5S3EBPn1xsTE4HnVXxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1dbf5f5c76-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:04:00 GMT

GET
H3 200 wlatogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame A954 2 MB
2 MB 239ms
231ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/wlatogel88-728x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

574c654adc51059882c66279ee0d42eb585735d5a2bc8cb010f1e91eb04e483f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1592720
expires: Tue, 27 Feb 2024 02:39:36 GMT

GET
H3 200 kaisartoto88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame A954 1 MB
1 MB 240ms
232ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/kaisartoto88-728x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

217bcf44778fff8fe41a593c79e0c86edd524460f7618f12e132566d17fd5b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:51 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1415984
expires: Thu, 15 Feb 2024 03:37:55 GMT

GET
H3 200 indolottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame A954 1 MB
1 MB 244ms
236ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indolottery88-728x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a67688ddcf966aaf218b1f154d3830ad065e23ef063d71b4f96436ab9a717a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1417070
expires: Tue, 27 Feb 2024 00:44:14 GMT

GET
H3 200 dunialottery88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame A954 997 KB
998 KB 245ms
237ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/dunialottery88-728x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fa7337e4bc30dd3db3861c272a32f98911b0bbf1a60557e0f124ba2713f35fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:37:57 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1021153
expires: Fri, 23 Feb 2024 22:10:23 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame A954 5 MB
5 MB 247ms
240ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H2 200 close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ Frame A954 2 KB
3 KB 76ms
60ms Image
image/gif 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
age: 4
content-disposition: inline;filename="close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
server: fife
etag: "v744"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:03:56 GMT

GET
H3 200 indoboss6d728x90.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame A954 2 MB
2 MB 256ms
247ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/indoboss6d728x90.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

776bf55e5c196430c0d9bb394fdc8a37ea7a55b6e3044ae8c0815d4a3bcc542f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2431527
expires: Fri, 09 Feb 2024 02:21:29 GMT

GET
H3 200 microtogel88-728x90-1.gif
antoboomerblog.files.wordpress.com/2024/01/ Frame A954 2 MB
2 MB 257ms
248ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2024/01/microtogel88-728x90-1.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3e6701810a770c2cdb7710c43056f6c2422cf8c30653dd1ab209bcff5a4548e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Jan 2024 07:38:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2505021
expires: Mon, 12 Feb 2024 04:46:55 GMT

GET
H3 200 dewagg_gif-banner_prediksi_728x90.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame A954 118 KB
118 KB 261ms
252ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/dewagg_gif-banner_prediksi_728x90.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b39b662997f28827a3d141e224cd93db44e6251335d0f0a19c5971c5f800aef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:12:44 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 120678
expires: Tue, 20 Feb 2024 17:42:36 GMT

GET
H3 200 ibetwin_gif_400x400.gif
antoboomerblog.files.wordpress.com/2023/12/ Frame A954 1 MB
1 MB 261ms
253ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/12/ibetwin_gif_400x400.gif

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

730412109bc24c266a27e4c2248182c8952c1ec999199851413a1779cd7d0ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Dec 2023 05:13:14 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1280443
expires: Mon, 22 Jan 2024 19:33:42 GMT

GET
H3 200 popups.css
rtx.dudasoleh.lol/wp-content/plugins/uji-popup/css/ Frame A954 2 KB
1 KB 622ms
614ms Stylesheet
text/css 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/css/popups.css?ver=1.0
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 09:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qD8QDAiEeGiL4Qty4rMdK6hTxDekMsFyWTX7RS7Gf3XX%2FXAd1rWWKwA9ITszDuaoezB6zzQ3kf69Nt3KO8UF9eun9fW4AH2WgVKj19xelHtYJZ7I5TJR3d1a855Va6qq8Dvn%2B%2B6A0V%2BShZrfi6sFDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1dbf6b5c76-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:04:00 GMT

GET
H3 200 email-decode.min.js Show response
rtx.dudasoleh.lol/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame A954 1 KB
1 KB 48ms
40ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rtx.dudasoleh.lol/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 17:29:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65983c8b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9ZtIUN6sb%2Bo%2BNQBizZZvaijsT2o41%2Fe7b9oNOgvBKKJFM2h0lrUIK8E7ByyE9nbzCHcr%2F1mokNP8PTlGZGIc64p1rVAiu9y%2BrlkyQ5drty%2FpUGBBVHLxfiw4Wdgf%2BtC%2BAdGjA8LLem13BJ9WfQElg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 848b4c1dbf6d5c76-MIA
expires: Tue, 23 Jan 2024 00:04:00 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/dist/vendor/ Frame A954 8 KB
3 KB 617ms
608ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2023 23:16:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmPXnLdtTainbVt1NMhi8b3hsFav%2F0UDPpqKZH23ArkMBQVKfsaxvCaosrJN%2BKmaNTB29P%2Bm1RVIve7CUF%2FJnyTYElctuDfuNAoQIdNcH1qQAZlcW%2Bq4UJ64wMn857%2BEd7uUdYF3rNk7xvgI8lDmhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1dbf705c76-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:04:00 GMT

GET
H3 200 regenerator-runtime.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/dist/vendor/ Frame A954 6 KB
3 KB 622ms
614ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:09:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQyznlDXoBNwMNheECLeHj8%2BLZKkqepAf0rNv34O4GXcKY8H%2BHqlvWsvQDAaB4QFFWXqzxd6L6exdSE%2BA9iq8ASh72cbkNGyLfRa6%2B%2Byofos9CIpfvV%2BkqD%2BK5c0%2BVyw%2B8qBcGmUxqNyMb%2F0ibNicw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1dbf735c76-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:04:00 GMT

GET
H3 200 wp-polyfill.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/dist/vendor/ Frame A954 112 KB
36 KB 942ms
934ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 21:09:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M03%2FQLyrMQl4mBw7tK5un%2FOR6Q86xDFUzug80aJcqkLae1aTY6MDONpXsEUqqUKQFe93f21U4mhEPYB6mq4a%2BmJ7UoU24BeqO1WuOaLvspH1JMzcMcI1SUbEIYtL3HDr5OUCMKxxgKswrqHv2n5dIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1dbf745c76-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:04:00 GMT

GET
H3 200 frontend.js Show response
rtx.dudasoleh.lol/wp-content/plugins/sidebar-login/build/ Frame A954 4 KB
2 KB 649ms
641ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXAQ5qo3ZYsYdQad0gh6kn5vbn0masKiV6iUrirZImVT0DmWmdHWD8lHWWWpcIlNu9Q2MxEbuQRFukQKJ3KdZZeuON2Jao70w82JO0i4eQC2iqOjv5g%2BB%2F%2B2it59b1in%2BmCEt1VdUDCfVImrvpMsKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1dbf785c76-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:04:00 GMT

GET
H3 200 jquery.modal.min.js Show response
rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/ Frame A954 4 KB
2 KB 622ms
615ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/jquery.modal.min.js?ver=0.5.5
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 09:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2T%2FP%2BRnBAJ%2BnKULd4nifgWmwUcbu44FB4KDcp4T%2FwVQ6IbJnxNnG6WGDuyZBqgs5MtAfVf8%2FFb8j5yytohKU9cJ%2BDVlkMEyt98pRf7ZLNnb9z7JJx9qKWQzoBe0T9xk9AiCX0hnew1Ot7tTtUoNNww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1dbf7d5c76-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:04:00 GMT

GET
H3 200 popups.js Show response
rtx.dudasoleh.lol/wp-content/plugins/uji-popup/js/ Frame A954 2 KB
1 KB 617ms
609ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/js/popups.js?ver=1.1
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 09:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hWiTdbtL7%2FH1OW5qPs6CAmd%2BTu8RtFuLG711Ypj0%2ByOfVIsnxz4amkTS%2FbXWGIn1xCXsg6pq4Gf3HD%2Fn%2B%2FcbRPjhJGSmLgfZsHO%2BoHpkRUsWAC6evoudalZOJ%2FQlNC6GgjCPg7WGxIwZ7%2BCfoxoxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c1dbf7f5c76-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:04:00 GMT

GET
H/1.1 200
OK 4789623.php Show response
s4.histats.com/stats/ Frame A954 436 B
571 B 206ms
69ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4789623.php?4789623&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDUDA%20SOLEH%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@ohttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@q0&@r0&@s433&@ten-US&@u1600&@b1:-188150924&@b3:1705795440&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Frtx.dudasoleh.lol%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 1b69e22ea0895d5e852bf5422adfec15e595ef64b3d468c0740b86ab65b1e7be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:00 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
raja.hoki2d.xyz/ Frame 2D22 47 KB
11 KB 925ms
818ms Document
text/html 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 7ba47a6e08804b6b721e882e4aa7915db46b7c631f703686ace758dbc6f06ebd

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c1e7b065c7d-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:01 GMT
link: <https://raja.hoki2d.xyz/wp-json/>; rel="https://api.w.org/" <https://raja.hoki2d.xyz/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://raja.hoki2d.xyz/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLEeFEdDkimf7PWQZHPH7LUKm9xQ7ZMq%2BEKUFztgp9tL764z0cW9c9V61eApWEehbTggBMqouqAiD%2FMHpcRHtP6HXu7Uqc2CKD8VGDlV1dlFqxXRouSqgn0T2GmEKNeC7i8rKWcA925O202Dh3E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame DEC6 43 B
177 B 68ms
67ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:00 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 cc_433.js Show response
s10.histats.com/counters/ Frame A954 20 KB
9 KB 55ms
50ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_433.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6faef2a9122a84c8ef399b819a303ed612e3aefded8e5dfca6419bc9a2677de3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 1741
etag: "1576520610"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c1f0b6ed9d5-MIA
content-length: 9094

GET
H2 200 / Show response
e.dtscout.com/e/ Frame A954 7 KB
4 KB 259ms
255ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4789623.php?4789623&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDUDA%20SOLEH%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@ohttps%3A%2F%2Fbolo.treksantuy.xyz%2F&@q0&@r0&@s433&@ten-US&@u1600&@b1:-188150924&@b3:1705795440&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Frtx.dudasoleh.lol%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78aa9262f738da06bc20697c43e98ec5be182771a96ef7c1b733b4ad53f42b4c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
x-t: 0.264
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buas1ItxXiWPAQb2pGo44VuesUD3Ah%2FGkzt6ggL8vqaHeCLoVU9j%2BBENHFeb4bkhqDVaMaKVuAbp4hEQ3pylhWKguc%2BfV55UPSbkM2rQmh9fckaZVBx2Y6%2BRopa6nOmAnkG26TvM6MU%2Fqw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c1f0df06dc2-MIA
expires: Sun, 21 Jan 2024 00:03:59 GMT

GET
DATA 200
OK truncated
/ Frame A954 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f89f1fe1c86dc63bdd3668f2922215318bc10dc9ade1d22300121b41d541f726

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sync
pippio.com/api/
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=62118
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=62118&_li_chk=true&previous_uuid=dee090ffcec649a5b0e86484cc65dae8
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=dee090ff-cec6-49a5-b0e8-6484cc65dae8
https://p.rfihub.com/cm?pub=39342&in=1&userid=66d103cf-1b5e-4d08-9252-8c854edde133%3A1705795441.6341908&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D66d103cf-1b5e-4d08...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=969470222354544275&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D66d103c...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=66d103cf-1b5e-4d08-9252-8c854edde133%3A1705795441.6341908&pid=500040&it=1&iv=66d103cf-1b5e-4d08-9252-8c854edde133%3A1705795441.6341908&_=170...
https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6354823&iv=66d103cf-1b5e-4d08-9252-8c854edde133:1705795441.6341908

42 B
183 B

85ms
81ms

Image
image/gif

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6354823&iv=66d103cf-1b5e-4d08-9252-8c854edde133:1705795441.6341908
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6354823&iv=66d103cf-1b5e-4d08-9252-8c854edde133:1705795441.6341908
Date: Sun, 21 Jan 2024 00:04:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 9224 0
0 76ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=45884
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:01 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 4e3df844337032b56b8434990b0f76ca.cloudfront.net (CloudFront)
x-amz-cf-id: 1zCGhbZdTxCHIDWaFjolVFUKe4r_klZGmjsxi9RHxc9BFx5qlUnJaw==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame A954 58 KB
18 KB 72ms
71ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:06:03 GMT
content-encoding: gzip
via: 1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 68278
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: JxrBj1B3eGfBaz-gkIjFa1h3TBxi-ghdGubN-YSRlU4pVSptFggtfA==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame A954 0
457 B 93ms
90ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Frtx.dudasoleh.lol%2F&r=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
x-t: 1.98
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y29SBw8g9BHVbozS4QCewM4jFPELZL9JqsfI3GN6707%2BwraG4M70bJCrS9SaW5gtWv7pPgp1UYySkyE6x8ZhW9CrxJdMRbq58UrcvEvpLI0gdlAZEKNh0%2FLhGGotyAhxq%2FbCN53Ec6FBXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web3.ny1.dtscdn.com
cf-ray: 848b4c20bb39287a-MIA
expires: Sat, 20 Jan 2024 23:58:06 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame A954 33 KB
11 KB 69ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38441
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: BqS8VsE0_yniGR-eZy7NZYiFqkRCf_DnUTGQCgO46hGVTuuhVyuP8Q==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame A954 2 KB
3 KB 71ms
69ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:00 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame A954 51 B
334 B 261ms
259ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=rtx.dudasoleh.lol&_ss=4tl27dltgp&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=36kl&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc1b61ce9cf9b130f5140227f7715833cee4bc7ffe8b79ae535fceb7bca2e75e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
x-t: 0.138
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnaNt9YspP80pgafv0MCp4NdrKAonNj%2FqilxT6U1GwFc6kNsv2yyBm32nkXJ1E0A15d0llB%2BVpMZ9VyCRBEFGg6td%2FiwqVje2TfODKbgYzkkwkef4dnjbMqp70JFTBOWbCk4KkB0fe2YTfM%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c20bfd36dc2-MIA
expires: Sun, 21 Jan 2024 00:03:59 GMT

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame A954 35 B
248 B 139ms
138ms Image
image/gif 141.94.171.216
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A01705795437671B15BDFA0C3AC9B3
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.216 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-10.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame CE08 0
0 75ms
70ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=25550
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:01 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 4e3df844337032b56b8434990b0f76ca.cloudfront.net (CloudFront)
x-amz-cf-id: PitdlUHWiyGsbq1eblp5pWEeA-sKpO4UTalroUFIhQxsCV5ZTa07KQ==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 12FE 11 KB
5 KB 47ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39476
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c224801d9d5-MIA
content-length: 4547

GET
DATA 200
OK truncated
/ Frame 12FE 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 12FE 75 KB
76 KB 257ms
42ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://markas-prediktor.info
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52926
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: c337f20f07ca1c9d6ffc73bed1f2cec3
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c23adf1497c-MIA
cdn-requestpullsuccess: True

GET
H2 200 / Show response
zona-bermain.com/ Frame 7CC9 104 KB
20 KB 1547ms
764ms Document
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

384cc79b43ec01445fe2a68943ad8da7ef81dfc68bf6457c6c8aa08384b2133a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://markas-prediktor.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:02 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://zona-bermain.com/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.2.14

GET
H2 200 db_sync
px.ads.linkedin.com/ 0
142 B 76ms
76ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=60157&pu=
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:00 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D4AA283CA63A485AB3BD9AB9E71830E3 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXNUf0Rw+09QvGCKQA==

GET
H2 200 style.min.css
raja.hoki2d.xyz/wp-includes/css/dist/block-library/ Frame 2D22 107 KB
15 KB 49ms
44ms Stylesheet
text/css 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:10:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 216816
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3C1%2FLnfqyqD60H7cCr%2BmoDTjVTfZw%2Ba8JEXNliLr6%2FrZ2GRRIXFXrdtVq%2BO9Qw76iKCIW1TMtE7gttbp%2FtyL1BYy9d7Zwns%2F6bnGxi3HWcmeihyu5X%2BiCicxD4EVwuHiM4btOQobQ%2B2yHddHNfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c23ed595c7d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 11:50:23 GMT

GET
H2 200 sidebar-login.css
raja.hoki2d.xyz/wp-content/plugins/sidebar-login/build/ Frame 2D22 2 KB
706 B 50ms
45ms Stylesheet
text/css 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1688220023
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 216943
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGcnitEh5MbEeWfGmViixyL%2F4qbAqh8jeH4%2FLJSfZkKhp1x6Mj3IslDBcYWfmyn0ppHPPWi%2FU5DX7szu0MZzxUYH2tM992CvpbeBr%2BKsXMI5NZ4lNpq%2BtapomlzeZd2H%2FFEt64CMHDBCKlBVcpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c23ed5b5c7d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 11:48:18 GMT

GET
H2 200 style.css
raja.hoki2d.xyz/wp-content/themes/asteroid/ Frame 2D22 28 KB
9 KB 50ms
46ms Stylesheet
text/css 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-content/themes/asteroid/style.css?ver=1.2.9
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Jun 2023 09:04:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 216817
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfLSdY59h8bjQkEm3QiDPCTazI30jOjrbImu7FjTIPM0e2svtvQvHAY6sBaMk308KFOGo5Hski%2FshiqVk%2BOQk178gShTLmQoQA0ag%2FBr9u%2FySP80D%2F4GFQEazfJ6If19lwYMe8qcSxKo1Uf3yKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c23ed605c7d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 11:50:24 GMT

GET
H2 200 jquery.min.js Show response
raja.hoki2d.xyz/wp-includes/js/jquery/ Frame 2D22 86 KB
31 KB 55ms
51ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:10:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 498759
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUcnD86g789TX%2BsmCTQYW%2BLhiljT18Lj6PoexIQ6EvFCXbLPjbcLP2bt00PM28lSKuI88FbvV2u99KtP9gVAHZdXyDswCo0IkJvwOBbP8Vl9zksJklsWpxdISXe2DBbGxdo9qyqd6Y0slbgzUZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c23ed615c7d-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jan 2024 05:31:21 GMT

GET
H2 200 jquery-migrate.min.js Show response
raja.hoki2d.xyz/wp-includes/js/jquery/ Frame 2D22 13 KB
5 KB 51ms
47ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Aug 2023 21:05:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 216817
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q35%2BbbzxpDVX6v5OIu5qcxjHS0mEyOIsoy3Mm8VDjzXSuAZ%2ByxT6Xi7vO3O5umI8Y9xgoRCVhLPvpkrH8n0egp%2B135x1wl5SeGSTMPbpNolBBVDtwq%2FM09tEtXjVB8dk6fKhpusmOCsno2s5kMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c23ed635c7d-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 11:50:24 GMT

GET
H3

200

/
bolo.treksantuy.xyz/ Frame 2D22
Redirect Chain

https://m2.treksantuy.xyz/wp-content/uploads/2023/12/IMG-20231130-WA0011.jpg
https://bolo.treksantuy.xyz/

0
0

812ms
812ms

Image
text/html

2606:4700:3035::6815:5055
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bolo.treksantuy.xyz/
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Server: 2606:4700:3035::6815:5055 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date: Sun, 21 Jan 2024 00:04:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9GCuqV5EpxUeE7tTeldtMfkUx6JN3u3qqU3jNWmzUff20yynfVpxdc8m0ILlRB6LrTfpt8do6TBxbFqdTKSoYz30nvYBjjdGz%2F7uijB54besjugTMTHj0maXxZwvka%2F0ZbPGZQeyhh3zwDrZ6T3wA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://bolo.treksantuy.xyz
cache-control: max-age=3600
cf-ray: 848b4c23df7721c7-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Jan 2024 01:04:01 GMT

GET
H3 200 close.gif
4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/ Frame 2D22 2 KB
2 KB 66ms
64ms Image
image/gif 2607:f8b0:4006:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-UBbgSP1aQPU/Wawy2dDGiwI/AAAAAAAAB0M/5Q5rhYKAGvM4TYKozS_Lx926XVJqywTMQCLcBGAs/s1600/close.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:03:56 GMT
x-content-type-options: nosniff
age: 5
content-disposition: inline;filename="close.gif"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
server: fife
etag: "v744"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 22 Jan 2024 00:03:56 GMT

GET
H3 200 840x120-jabrix.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 5 MB
5 MB 95ms
95ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/840x120-jabrix.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Nov 2023 17:22:29 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4858923
expires: Sun, 11 Feb 2024 09:12:08 GMT

GET
H3 200 unnamed-1.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 205 KB
205 KB 82ms
81ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-1.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bfcef82755bac56e01032d196dc587e851fcfb9a2a1882c7e283b9ea451a17a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:46:35 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 210028
expires: Sun, 04 Feb 2024 18:20:03 GMT

GET
H3 200 unnamed-3.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 224 KB
225 KB 84ms
76ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-3.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e78ac302ebdef9842d5c628cef762ed1ad4b9650dd4915810cbf3cdaa86010c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:48:07 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 229818
expires: Sun, 28 Jan 2024 13:01:09 GMT

GET
H3 200 unnamed-22.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 292 KB
292 KB 84ms
77ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-22.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d30f436b9752f07747f2b72cc77985554918de4f9b5e74c65271c89e3b1501b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:19:02 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 298675
expires: Thu, 22 Feb 2024 11:37:59 GMT

GET
H3 200 unnamed-5.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 362 KB
362 KB 87ms
79ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-5.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

87d3abed87820941c3f8f4d8cc01563a8ef74d7886c948b9b0da3e3929bfce92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:51:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 370255
expires: Mon, 29 Jan 2024 17:58:49 GMT

GET
H3 200 unnamed-6.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 507 KB
507 KB 87ms
80ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-6.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ac6002b55a7bc33de07da0fc1391dbd8b61598823a7768591aed4b0e4a5e421a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:53:48 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 519311
expires: Thu, 01 Feb 2024 13:36:16 GMT

GET
H3 200 unnamed-7.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 528 KB
529 KB 94ms
87ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-7.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

06710711e7517c22412aa923d472e9cce857b02605e4c0049cdc7edb666a132c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:55:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 541175
expires: Thu, 01 Feb 2024 12:45:20 GMT

GET
H3 200 unnamed-8.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 355 KB
356 KB 95ms
88ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-8.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6ee5599420176d6c73cb80505f7d287e527d903336f0cfb2348ace130fb7d6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:57:28 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 363774
expires: Fri, 02 Feb 2024 21:18:28 GMT

GET
H3 200 unnamed-28.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 328 KB
328 KB 98ms
92ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-28.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8ac1e08581c5691d74fb1a69b925f400e14db93ddc9451db0b72456e4af3a2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:13 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 335785
expires: Mon, 12 Feb 2024 15:00:38 GMT

GET
H3 200 unnamed-27.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 289 KB
289 KB 102ms
95ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-27.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cdf948f65cf951821da557dc5b8cc9067c64589070285feab8aa6f7c64657e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:18:06 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 295549
expires: Tue, 30 Jan 2024 10:59:57 GMT

GET
H3 200 unnamed-26.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 262 KB
263 KB 102ms
95ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-26.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbd4ea5e26cff619ebe31130ce16126cdcaff265a697139b20c80a960954832f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:17:49 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 268554
expires: Sat, 27 Jan 2024 19:14:15 GMT

GET
H3 200 unnamed-24.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 228 KB
228 KB 106ms
100ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-24.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7e22819d3433cfdb5d3f848fee01b7cccc863970901de5efa3e80a7eadbd48c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:30 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 232980
expires: Wed, 21 Feb 2024 11:31:06 GMT

GET
H3 200 unnamed-25.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 693 KB
693 KB 110ms
104ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-25.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e31a5516051e3dcd6be48ada99dbf2d270db37dd3a304fded21e105f6c733bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:12:47 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 709526
expires: Sat, 27 Jan 2024 08:23:41 GMT

GET
H3 200 unnamed-29.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 193 KB
193 KB 112ms
106ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-29.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2388f1b8ef95668322254f1ae8523c148beceddccd6e239bd683281835e1180b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 10:21:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 197657
expires: Sun, 11 Feb 2024 20:03:03 GMT

GET
H3 200 unnamed.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 250 KB
250 KB 116ms
109ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5ce581a1bb3ae65bd553d034f9d5973dd8af7f856d2bd5efa095ed41cee7f949

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 05:44:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 256150
expires: Wed, 07 Feb 2024 10:36:03 GMT

GET
H3 200 unnamed-10.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 270 KB
270 KB 116ms
111ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-10.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:31:01 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 276544
expires: Sat, 03 Feb 2024 11:11:36 GMT

GET
H3 200 unnamed-11.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 247 KB
247 KB 117ms
111ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-11.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:32:41 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 252743
expires: Sun, 11 Feb 2024 14:05:02 GMT

GET
H3 200 unnamed-12.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 282 KB
283 KB 124ms
119ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-12.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:33:50 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 289127
expires: Fri, 16 Feb 2024 22:13:10 GMT

GET
H3 200 unnamed-13.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 514 KB
514 KB 126ms
120ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-13.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:34:55 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 526000
expires: Sun, 11 Feb 2024 01:50:47 GMT

GET
H3 200 unnamed-14.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 291 KB
291 KB 126ms
121ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-14.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:35:54 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 297540
expires: Tue, 06 Feb 2024 19:30:34 GMT

GET
H3 200 unnamed-9.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 194 KB
194 KB 127ms
122ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-9.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:27:00 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 198395
expires: Mon, 12 Feb 2024 22:33:45 GMT

GET
H3 200 unnamed-15.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 388 KB
388 KB 131ms
126ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-15.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:37:53 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 396918
expires: Tue, 06 Feb 2024 18:52:34 GMT

GET
H3 200 unnamed-16.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 326 KB
326 KB 132ms
127ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-16.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:39:46 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 333383
expires: Sat, 03 Feb 2024 01:45:14 GMT

GET
H3 200 unnamed-17.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 312 KB
312 KB 133ms
129ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-17.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:41:12 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 319266
expires: Wed, 07 Feb 2024 01:41:58 GMT

GET
H3 200 unnamed-18.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 188 KB
188 KB 139ms
135ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-18.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:42:17 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 192555
expires: Wed, 24 Jan 2024 21:46:19 GMT

GET
H3 200 unnamed-19.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 280 KB
281 KB 141ms
137ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-19.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:43:23 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 286968
expires: Sat, 03 Feb 2024 06:43:58 GMT

GET
H3 200 unnamed-20.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 351 KB
352 KB 142ms
138ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-20.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:44:24 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 359746
expires: Wed, 14 Feb 2024 04:16:09 GMT

GET
H3 200 unnamed-21.gif
antoboomerblog.files.wordpress.com/2023/11/ Frame 2D22 265 KB
265 KB 143ms
139ms Image
image/gif 192.0.72.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://antoboomerblog.files.wordpress.com/2023/11/unnamed-21.gif

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.72.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 23 np
date: Sun, 21 Jan 2024 00:04:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 06:45:42 GMT
server: nginx
x-orig-src: 01_mogdir
vary: Origin
content-type: image/gif
access-control-allow-origin: https://antoboomerblog.wordpress.com
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 271048
expires: Wed, 21 Feb 2024 00:38:41 GMT

GET
H2

200

sync
pippio.com/api/ Frame CDDB
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=58337
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=58337&_li_chk=true&previous_uuid=8fa0be9921284576ba8e19bd665ac5d9
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8fa0be99-2128-4576-ba8e-19bd665ac5d9
https://p.rfihub.com/cm?pub=39342&in=1&userid=4f775705-db8e-4490-97cd-6380b73a6a7a%3A1705795441.637368&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D4f775705-db8e-4490-...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1813050728802289503&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D4f7757...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=4f775705-db8e-4490-97cd-6380b73a6a7a%3A1705795441.637368&pid=500040&it=1&iv=4f775705-db8e-4490-97cd-6380b73a6a7a%3A1705795441.637368&_=17057...
https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6407647&iv=4f775705-db8e-4490-97cd-6380b73a6a7a:1705795441.637368

42 B
194 B

81ms
79ms

Image
image/gif

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6407647&iv=4f775705-db8e-4490-97cd-6380b73a6a7a:1705795441.637368
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6407647&iv=4f775705-db8e-4490-97cd-6380b73a6a7a:1705795441.637368
Date: Sun, 21 Jan 2024 00:04:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 0

GET
H/1.1 200
OK 4797259.gif
s4is.histats.com/stats/i/ Frame 2D22 43 B
182 B 201ms
68ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4797259.gif?4797259&103
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:01 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
BLOB 200
OK 553fba5d-1bee-4b2f-bc2b-c9a21c22e295
https://raja.hoki2d.xyz/ Frame 2D22 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://raja.hoki2d.xyz/553fba5d-1bee-4b2f-bc2b-c9a21c22e295
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame A954 50 B
463 B 71ms
71ms Fetch
application/json 18.173.132.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-31.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 16:32:55 GMT
via: 1.1 665d1c5fbd9802ee4a4f61e7446fc81e.cloudfront.net (CloudFront), 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, JFK52-P2
age: 27066
x-amzn-requestid: 0c74571e-5c56-41ee-a7a8-2a2b59c4124c
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: R2NUvE6qCYcETnw=
content-length: 50
x-amz-cf-id: rRZ8i1Eaz0bRaT2Mg37XakXTRmVqQy38JiZArzChwmrkIznna745pg==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame A954 2 KB
2 KB 66ms
65ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7522006010681461&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:01 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame A954 42 B
265 B 69ms
68ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fbolo.treksantuy.xyz%2F&event_source=dtscout&rnd=0.7522006010681461&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:01 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK 4710982.php Show response
s4.histats.com/stats/ Frame 12FE 433 B
568 B 204ms
67ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4710982.php?4710982&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMARKAS%20PREDIKTOR%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fking.laskar2d.xyz%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-179888875&@b3:1705795441&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmarkas-prediktor.info%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: fd8b49558c88f79a4e600399d893e6ade60b8575936810a5c109aa5c69959b4a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:01 GMT
Connection: close
Content-Length: 433
Content-Type: text/html;charset=UTF-8

GET
H2

200

sync
pippio.com/api/ Frame DEC6
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=24069
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=dee090ff-cec6-49a5-b0e8-6484cc65dae8
https://p.rfihub.com/cm?pub=39342&in=1&userid=21a5ce20-1abd-480c-a270-4f4023c9dc0f%3A1705795441.6355371&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D21a5ce20-1abd-480c...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2810035095400931258&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D21a5ce...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=21a5ce20-1abd-480c-a270-4f4023c9dc0f%3A1705795441.6355371&pid=500040&it=1&iv=21a5ce20-1abd-480c-a270-4f4023c9dc0f%3A1705795441.6355371&_=170...
https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6374905&iv=21a5ce20-1abd-480c-a270-4f4023c9dc0f:1705795441.6355371

42 B
183 B

84ms
81ms

Image
image/gif

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6374905&iv=21a5ce20-1abd-480c-a270-4f4023c9dc0f:1705795441.6355371
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1705795441.6374905&iv=21a5ce20-1abd-480c-a270-4f4023c9dc0f:1705795441.6355371
Date: Sun, 21 Jan 2024 00:04:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H3 200 wp-emoji-release.min.js Show response
rtx.dudasoleh.lol/wp-includes/js/ Frame A954 18 KB
5 KB 605ms
604ms Script
application/javascript 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtx.dudasoleh.lol/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 01 Feb 2023 12:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Bl7MVeiV%2B2Aa3J5LawEfTMocmz0Z1E%2BApK7XqVG%2BD5p3F%2Ff44XsGs%2B2Eoz8lEeR7C6k9mMEQdWiWul%2ByxBWRkRS95AYVL0ANWJF5D%2Fi%2FNtuUlzbnIosyFZNkE3YjZ0flNNgXenRzrSP9xZmX8ZsDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c24fd835c76-MIA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 00:04:01 GMT

GET
H3

200

result.php Show response
wget.angkapaito.net/ Frame 997B
Redirect Chain

https://widget.angkapaito.net/result.php
https://wget.angkapaito.net/result.php

5 KB
931 B

91ms
90ms

Document
text/html

2606:4700:3037::ac43:b044
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wget.angkapaito.net/result.php
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:b044 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4ba7b41090aabbe09b55d93951cc7f37e685bf5d27fd3283e73d3e8fcf5bab3

Request headers

Referer: https://raja.hoki2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c25c81eb3c8-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fvmivTNMPy3PQ6NwknhM8b%2FK9HJlBAB%2FnnFUmyzyrHZAt10UGrMd4luKI1fNAHkWT2rXmj28H%2Bi9xAQKxlBWHGEwMWq0HBFOUq2iUuZloM5JddKsUaXeMc2z2QVO%2BkoINT8cmPRaN94YA1%2F9A%2F0TThf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c250edeb3c8-MIA
content-type: text/html
date: Sun, 21 Jan 2024 00:04:01 GMT
location: https://wget.angkapaito.net/result.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSEczHlTDqvqI2JGvb54I3NP3YJw6UPuvdmjqb2KZ%2FIYD3gxPwMzc8Ed8t%2FCJ2GXbx1UhWxJNsOIg4JvcCvU%2Be0Dq81MbssUHOtmpB4qAQ6MAgeopoV4G8DZ4GJf7m6hauaD238ndaK1GITj2TBplP0cMGM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 2D22 11 KB
4 KB 56ms
51ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39476
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c250bcbd9d5-MIA
content-length: 4547

GET
DATA 200
OK truncated
/ Frame 2D22 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 13F9 2 KB
1 KB 66ms
66ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.7522006010681461&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:01 GMT
Expires: Sun, 28 Jan 2024 00:04:01 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H3 200 wp-emoji-release.min.js Show response
markas-prediktor.info/wp-includes/js/ Frame 12FE 18 KB
5 KB 268ms
267ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://markas-prediktor.info/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:01 GMT

GET
H3 200 email-decode.min.js Show response
raja.hoki2d.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 2D22 1 KB
1 KB 38ms
37ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://raja.hoki2d.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 17:29:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65983c8b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Xmy486OD6FvtjicojtRD4dTjYSm4QiYZpiAjnC7touGLGT1fao88MB5E6TpORVIjngZ3GNi3Xv84W7fV7X8aam9myrBTBE4dBE6Bu0QR2tY6RHlQXZjF33gFWzJ1EmcDMvtgNSFPq%2BlYerb5uI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 848b4c256f6c741c-MIA
expires: Tue, 23 Jan 2024 00:04:01 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
raja.hoki2d.xyz/wp-includes/js/dist/vendor/ Frame 2D22 8 KB
3 KB 70ms
69ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 23:16:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 452047
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYetP%2FK0UKCIO4uhbyaNZYmCX1am9Dh0mLO%2FztOBeQgKNaS3yq%2BBwRX5fCEnUm3rRz5hSVUvDhFFWeWfMsrTCj4M%2Fbow%2FR2ijxuJzpNPnrNsbaZwmE1ILwqOun5F0rC7R%2BnE3U2KtuM%2BpqxOeTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c256f70741c-MIA
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jan 2024 18:29:53 GMT

GET
H3 200 regenerator-runtime.min.js Show response
raja.hoki2d.xyz/wp-includes/js/dist/vendor/ Frame 2D22 6 KB
3 KB 44ms
43ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:10:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78951
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXnUteljjOo2xoaXKiryro8Hk%2FoyB8NrdL6ivHtBiwhOl2cGSIKP4VzZ%2FDWlQldOI4sNhWfZb2v%2BGL67LthmpH%2FPatFW4DCfIv9RgfCL5MVNvBMU%2FdtRnmlHXaC%2BHKOK9YOgw3YffQkzCw9xSBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c256f72741c-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 02:08:09 GMT

GET
H3 200 wp-polyfill.min.js Show response
raja.hoki2d.xyz/wp-includes/js/dist/vendor/ Frame 2D22 112 KB
36 KB 48ms
48ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 21:10:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78951
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTHPGK9GWVgqaFHV5p2DG3ZDlPr6GhqUXw8SkU4Mk8BVo6eQ9u1hsfH3HUWYlRQfXvoIE1JpBQUujg1wJ9Yy1S8Q798L1CW5VEsTxY%2BA4lbtYO2JVkSfTi%2BQo499M9NM8Zq6u7Wn%2B03JocvCyn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c256f73741c-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 02:08:09 GMT

GET
H3 200 frontend.js Show response
raja.hoki2d.xyz/wp-content/plugins/sidebar-login/build/ Frame 2D22 4 KB
2 KB 45ms
45ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jul 2023 14:00:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 216814
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frzs8y7JdAT8Su9Htu1R21ThgjcnppS%2FKY3RBR3jofORfVnERZ4NKlgVg0MqGiJouEY%2FINTrNwPd2I%2Bjsi9o9prNqZoeQkxUUNwux1vgyglHkG0PMS1HnDsfD3B63KoFJU6SCjlNqQqKJ7wClVU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c256f75741c-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 25 Jan 2024 11:50:26 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame A954 5 KB
2 KB 61ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2436
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: kburfz1lZMizaTk4GbMRBYckFQCYNiOyb-hIRWaPBTHcc6U5RwgMIg==

GET
H/1.1 200
OK 4797259.php Show response
s4.histats.com/stats/ Frame 2D22 433 B
568 B 207ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4797259.php?4797259&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mHOKI2D%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@ohttps%3A%2F%2Frtx.dudasoleh.lol%2F&@q0&@r0&@s3021&@ten-US&@u1600&@b1:-161445004&@b3:1705795441&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fraja.hoki2d.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: ba52bcf8fa2e1fbb1fd3dc05b3c0946fd129ec68d2d5d6c6974801edbd90a1a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:01 GMT
Connection: close
Content-Length: 433
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 12FE 22 KB
12 KB 53ms
51ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33284
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c26fef7d9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 12FE 7 KB
4 KB 269ms
267ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4710982.php?4710982&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mMARKAS%20PREDIKTOR%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fking.laskar2d.xyz%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-179888875&@b3:1705795441&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fmarkas-prediktor.info%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be8983ab007df1ba98857245f674b1ea7cebbf9bbb5c24db4962de653093fa4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-t: 0.25
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BCqRUPPt1uaPgkEsqVkyoVteVTQTI2%2BXslIIDYeDKOJlGqu0PXdwRRu7c1LNybgxrFVajXzSgO5zoDqls%2FCTXX4KVMsljlQlWxhP3o1ztcClMeuS%2FFFWtxUqKvFEXUQL8OxbP2A5gRuu7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c26ff6c6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match?r=56282
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
679 B

211ms
67ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:02 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:01 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:01 GMT

GET
H3 200 close.png
rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/ Frame A954 4 KB
5 KB 620ms
620ms Image
image/png 2606:4700:3030::ac43:a16f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/close.png
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:a16f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/wp-content/plugins/uji-popup/modal/css/jquery.modal.css?ver=0.5.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Jun 2023 09:09:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQro6i0bWbAwqdItUWi5Ne%2FrP55zh3ZeGizurv5fXbwWh%2FpcQvwP6mFVhoD5mXwUFOC4qtWKIP2%2F46F4tuvKd35ai1H5ogRsIhlPH9Q%2FkrG2Nm%2FfudWrlZJqsX6CRKFimjhPkMmKSRh7im58171LfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 848b4c280b085c76-MIA
alt-svc: h3=":443"; ma=86400
content-length: 4393
expires: Sun, 28 Jan 2024 00:04:02 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 9628 0
289 B 68ms
68ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795438269&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=sky.pasukanantidepo.shop&pn=%2F&qs=na&rdn=sky.pasukanantidepo.shop&rpn=%2F&rqs=na&cc=US&cont=NA&evid=qhMVp0YAOuVo88OBoA7L&urls=!1!538!b-13j,!0!537!b-13l,!1!446!b-14s,!1!0!b-14t,!1!389!b-150,!1!506!b-16f&rnd=1705795441905&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=86&bcnLcy=98

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:01 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame F809 19 KB
9 KB 75ms
74ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:02 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:02 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame A954 41 B
465 B 66ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 75bee475e0eb4e9aa841f244bca9cabcf4652cc75ffed66e332173e2d636d379

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://rtx.dudasoleh.lol
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame CDDB 0
141 B 75ms
75ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=90342&pu=https://sky.pasukanantidepo.shop/
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 32A37F6AA7344947953B61FB7BA36071 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXNhTpFRuWF5XHRmcA==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame DEC6 0
143 B 108ms
107ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=57715&pu=https://sky.pasukanantidepo.shop/
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:01 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6ACCDE583A7847DABCB451C5FBEC19D4 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXNhUWCVn0SKoQE4SA==

GET
H2 200 cc_3021.js Show response
s10.histats.com/counters/ Frame 2D22 18 KB
8 KB 64ms
63ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_3021.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d310891fe2f1cfd19e14cc4e74f47ae90b95a9f981ff5e8d5d9ad15bd825448

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 6445
etag: "-1322903896"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c28d9e5d9d5-MIA
content-length: 7783

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 2D22 7 KB
3 KB 264ms
263ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4797259.php?4797259&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mHOKI2D%20%E2%80%93%20PREDIKSI%20ANGKA%20JITU%20WLA%20HARI%20INI&@n0&@ohttps%3A%2F%2Frtx.dudasoleh.lol%2F&@q0&@r0&@s3021&@ten-US&@u1600&@b1:-161445004&@b3:1705795441&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fraja.hoki2d.xyz%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fa3447a88a3b465eacad9919e18982321999b0a9ded0384b64bab78c59003ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-t: 0.24
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0J7kNOEynAyKbGhHUJc0RZTHl%2BO16w7iT7eF%2BPAZrFvwXy5lvTKQJchPjPCg3u7jQKzPqb11MISmhEvwOwo%2Fe2L5m8DPElI5yEsPi7ASUX9%2F%2FAMywmGOBisS9FHtCw3JWuAOnjQTSXbpyRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c28d9ea6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:01 GMT

GET
H3 200 wp-emoji-release.min.js Show response
raja.hoki2d.xyz/wp-includes/js/ Frame 2D22 18 KB
5 KB 45ms
44ms Script
application/javascript 2606:4700:3033::ac43:c223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://raja.hoki2d.xyz/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 12:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 78935
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLuyXlsgJJj4VJoabjjqvAFUYgw3zkbfXHizP2JcmE4fRZAh4kM8Scp%2BfeaLbjL%2FodvEyJQDs0RsDKT%2BSj%2FaEwF2%2Fs2SJyPmM039ALzO9%2FxyqafAHggJIfdHy71u0NtZNsvvdgAWuvXKzsWlOO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4c28ee22741c-MIA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 02:08:26 GMT

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 12FE 58 KB
18 KB 72ms
70ms Script
text/javascript 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:06:03 GMT
content-encoding: gzip
via: 1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 68280
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 5dED2bicO2Djvu3HXqGwuVH6IehVtY4TtYGXg-r1s4HcagbbVOi_Pg==

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 12FE 35 B
248 B 139ms
138ms Image
image/gif 141.94.171.216
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A01705795437671B15BDFA0C3AC9B3
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.216 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-10.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 12FE 0
439 B 87ms
85ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fmarkas-prediktor.info%2F&r=https%3A%2F%2Fking.laskar2d.xyz%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-t: 1.05
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgR0OSY%2BBqW8Is65zgFrpqgCm65DA3YtrniQeEmdEX1KmcYuFBoPeiFk7EoyYQAuplFMjjyoD1IvanZ2O1WCvJqz3%2BfCFXYI47d8Acm%2FG1rJ49xX7v73IJHZV20vteWuupS8syKKg1atww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 848b4c291a80287a-MIA
expires: Sat, 20 Jan 2024 23:40:19 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 12FE 33 KB
11 KB 68ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38443
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: uXD1N8wm2H4EN7vlD6ZlsqhD3lPlKnmMYGXBVZmkiM5pt6quEk42lQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 12FE 2 KB
3 KB 69ms
68ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:02 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 12FE 51 B
355 B 260ms
259ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=markas-prediktor.info&_ss=6fh3i3r2x3&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=3rju&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmarkas-prediktor.info%2F&j=https%3A%2F%2Fking.laskar2d.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 514297e1bb55a9f1109a9dd4962e2a4b5e2cbaf6784f19e81d522f76828a569c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-t: 0.139
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKankDvjYP1voQBDMs6PE920rLJKzoAoYzPwL%2FPCS0QY0JZUG33GGa1e%2FAlvBBVwd%2Fl2gZHWjvwQfOmqRD8%2B6Edk31qVMlaIJJwI5razgnoFXsbImbdi7k0htqEbG9bHaGXbkMIlcjNWfeE%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c291a286dc2-MIA
expires: Sun, 21 Jan 2024 00:04:01 GMT

GET
DATA 200
OK truncated
/ Frame 12FE 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame F809 0
289 B 65ms
65ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795441472&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=bolo.treksantuy.xyz&pn=%2F&qs=na&cc=US&cont=NA&evid=kWNVp0YAZ6Fpu5XfLg-l&urls=&rnd=1705795442085&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=114&bcnLcy=133

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:02 GMT

GET
DATA 200
OK truncated
/ Frame 2D22 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a781450129f4a3dbafcfe62558de75c582c35f1a3f44a6a3603d30175b7b0bf

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 12FE 2 KB
2 KB 68ms
67ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5611904652195727&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:02 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 12FE 42 B
265 B 69ms
68ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fking.laskar2d.xyz%2F&event_source=dtscout&rnd=0.5611904652195727&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:02 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 12FE 50 B
454 B 97ms
97ms Fetch
application/json 18.173.132.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-31.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
via: 1.1 837618b47e5c2bb0a75ec63765498424.cloudfront.net (CloudFront), 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, JFK52-P2
x-amzn-requestid: de2a3608-20fe-4f23-a5da-b42c2b96a35c
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: R3PZ5F3jiYcEqrw=
content-length: 50
x-amz-cf-id: e0oWGgPl4IhohO11GvemftYeyQiHjtNk008sVZ3FpTBiWhEwXP78DQ==

GET
H/1.1

200
OK

35759
i6.liadm.com/s/
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=22405
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7169882469513063975
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79

43 B
548 B

282ms
70ms

Image
image/gif

2600:1f18:ed:550a:ac77:9c63:d66e:ebeb
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79

Requested by

Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/

Protocol

HTTP/1.1

Server

2600:1f18:ed:550a:ac77:9c63:d66e:ebeb Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:03 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79
Date: Sun, 21 Jan 2024 00:04:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 42E4 85 B
482 B 66ms
66ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://sky.pasukanantidepo.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134891
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: KpkvGFW2jrfYpjuvAIRTQGVOgL2eUKV5Ob0tEMZf6xR0P2bd0fr3Zw==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 7D54 2 KB
1 KB 69ms
68ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5611904652195727&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://markas-prediktor.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:02 GMT
Expires: Sun, 28 Jan 2024 00:04:02 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 2D22 35 B
248 B 138ms
137ms Image
image/gif 141.94.171.216
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?partner=137085098&mapped=51A01705795437671B15BDFA0C3AC9B3
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.171.216 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-eu-10.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 2D22 0
436 B 123ms
121ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fraja.hoki2d.xyz%2F&r=https%3A%2F%2Frtx.dudasoleh.lol%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-t: 2.24
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pm%2FUo2r6G6CWWp%2BzTPQ0EvudECcrgpD7jhw8zFflhnHV%2BChCS%2BCfyqipC%2B4DlkTmqk7S2iMc3OoMv7zFCJoW5eG5hVMtqBIEdB7smBxTeh6qTli3wmCnAZB9yGUBsasOmvRMoH36kf6ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 848b4c2add62287a-MIA
expires: Sat, 20 Jan 2024 21:43:52 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 2D22 33 KB
11 KB 70ms
69ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38443
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 20_T8CmzIKCjcbgfYaUEjEa1ib3jEszODLiXIOnzopghejhKzZuCcA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 2D22 2 KB
3 KB 71ms
70ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:02 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 2D22 51 B
339 B 271ms
263ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=raja.hoki2d.xyz&_ss=2e2vt9tzn8&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=3noh&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c3e9fd449a2e0ce8cd726df2af78ef10e4e0108f92821be8cf2ba47c02de67b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-t: 0.164
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oT4bsIw7VlSMuD8rZZIVKwer4WiKIjPPrSHe4X5SbOu3IeR3t0pUuCA4AaLh%2BQmiXoPqqhXNS%2Fzda8n70uKAvWSJEaVu%2B7XtPjmt9tKb4KP%2BRtogAVVIHubE9iAOKm%2BGQpRctIjXqK1kXks%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c2aebff6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:01 GMT

GET
H2 200 / Show response
dtsedge.com/ping/ Frame 2D22 0
447 B 213ms
94ms Script
application/javascript 2606:4700:3033::6815:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtsedge.com/ping/?t=300&d=raja.hoki2d.xyz
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fraja.hoki2d.xyz%2F&j=https%3A%2F%2Frtx.dudasoleh.lol%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
x-t: 0.54
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApqczZ4wcetGGDfUD7HUtiaiOgJqasC8CxpjvAupiKQmDuAYBNvz8ZM9L69KF9a%2FMrFQAtOzwxSpuH6ae3Uub%2BVmz4OFY6LS9zNOihauM1Xk9SIgJA%2F2HVrIThm5duEapdL2m%2FLtRpJa2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 848b4c2b9917da87-MIA
alt-svc: h3=":443"; ma=86400

GET
H2

200

tpid=51A01705795437671B15BDFA0C3AC9B3
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/ Frame 2D22
Redirect Chain

https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=51A01705795437671B15BDFA0C3AC9B3
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01705795437671B15BDFA0C3AC9B3

49 B
542 B

84ms
84ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01705795437671B15BDFA0C3AC9B3
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.5.24
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:02 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A01705795437671B15BDFA0C3AC9B3
cache-control: no-cache
x-server: 10.40.0.173
content-length: 0
expires: 0

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 42E4 766 B
1 KB 65ms
62ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401247
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 0MPFLjmox7DIwYrJQYYkb8wdm2Z3flrlRTefQylswN4vbSnoEe4dEg==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 12FE 5 KB
2 KB 66ms
63ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2437
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: J1SXXY8zLLA8So1vpjxn4vW3drcr7ujZN3fBBB-f2qsuzjC8bMU7Mw==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame C3EA 19 KB
9 KB 74ms
73ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:02 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:02 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame CDDB
Redirect Chain

https://um.simpli.fi/lj_match?r=42347
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
996 B

67ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:02 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:02 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame DEC6
Redirect Chain

https://um.simpli.fi/lj_match?r=89772
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
996 B

138ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:02 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:02 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 2D22 50 B
463 B 82ms
78ms Fetch
application/json 18.173.132.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-31.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 10:12:04 GMT
via: 1.1 95de318e1a7dd6c72c9869d80089c7d2.cloudfront.net (CloudFront), 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, JFK52-P2
age: 49918
x-amzn-requestid: a6dd145e-0fec-4d6c-8a85-84a1bae972a5
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: R1ViLEFcCYcEGLw=
content-length: 50
x-amz-cf-id: VX3x9NMM1kMJ2SjJrOjlKUN0wNFcDb8RaC1-37g8CgwcW2WktsOR_w==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 2D22 2 KB
2 KB 271ms
269ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.653599832206059&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:02 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 2D22 42 B
265 B 354ms
352ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Frtx.dudasoleh.lol%2F&event_source=dtscout&rnd=0.653599832206059&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:02 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 12FE 41 B
469 B 68ms
68ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 75bee475e0eb4e9aa841f244bca9cabcf4652cc75ffed66e332173e2d636d379

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://markas-prediktor.info
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame A954 43 B
177 B 70ms
69ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:02 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame C3EA 0
289 B 340ms
339ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795442304&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=king.laskar2d.xyz&pn=%2F&qs=na&cc=US&cont=NA&evid=MhNVp0YAwlXW2Vb-YA6r&urls=&rnd=1705795442766&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=122&bcnLcy=81

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:02 GMT

GET
H2 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 7CC9 107 KB
13 KB 273ms
272ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:02 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:02 GMT

GET
BLOB 200
OK cb96b089-bd15-4056-baa9-af685c970949
https://zona-bermain.com/ Frame 7CC9 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://zona-bermain.com/cb96b089-bd15-4056-baa9-af685c970949
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame CDDB
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=52662
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8fa0be99-2128-4576-ba8e-19bd665ac5d9
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&rd=Y

43 B
594 B

196ms
193ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&rd=Y

Requested by

Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/

Protocol

Server

104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 21 Jan 2024 00:04:03 GMT
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:03 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&rd=Y
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:03 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sun, 21 Jan 2024 00:04:03 GMT

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 3861 85 B
483 B 259ms
258ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://king.laskar2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134892
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: XBUPDT7_idz27A5bUtCRb7EwsZB_AFqT4kI2QOXMV0VjGkja13-WWg==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame DEC6
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=95151
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
363 B

195ms
59ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:02 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 255248
expires: Sun, 21 Jan 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Sun, 21 Jan 2024 00:04:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 9FCC 85 B
481 B 259ms
258ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134892
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: 30620hdfvMRsbUWyyUPtCoc-fpEF6gHh-6UAogpt6_EEEOx0lWXxPg==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

merge
ce.lijit.com/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=IBojjSZHx2VQz486REa1YP5c/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=ab64fa0e90b9b1997c07960e3f815611

43 B
999 B

69ms
68ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=ab64fa0e90b9b1997c07960e3f815611
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:03 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:03 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=ab64fa0e90b9b1997c07960e3f815611
cache-control: no-cache
x-server: 10.40.53.236
content-length: 0
expires: 0

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 319E 0
0 71ms
70ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=59373
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:03 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: kkS57nQFX1Pxv8dixzJxanwlBmUJYFhAaJqjqRonxHK4b3wb0e6LNA==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 76F8 2 KB
1 KB 71ms
65ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.653599832206059&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://raja.hoki2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:03 GMT
Expires: Sun, 28 Jan 2024 00:04:03 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 7CC9 227 B
282 B 328ms
317ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H2 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 7CC9 2 KB
385 B 308ms
297ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H2 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 7CC9 28 KB
8 KB 307ms
297ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H2 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 7CC9 3 KB
838 B 326ms
316ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H2 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 7CC9 86 KB
29 KB 305ms
295ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H2 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 7CC9 13 KB
5 KB 304ms
293ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 7CC9 157 KB
26 KB 45ms
34ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3283418
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760044-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 7CC9 30 KB
7 KB 54ms
44ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465840
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c305aab67cf-MIA
cdn-requestpullsuccess: True

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 7CC9 21 KB
8 KB 44ms
35ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041568
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760044-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 7CC9 62 KB
16 KB 44ms
36ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:03 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489633
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760044-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 2D22 5 KB
2 KB 68ms
60ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2438
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 4mZK5jfKoAAeLe2zI01CSQ6YTudQQt8LtnGEC6DMTCtcJ-mAJA8z-w==

GET
H2 200 7.png
zona-bermain.com/script/ Frame 7CC9 24 KB
25 KB 498ms
497ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H2 200 6.png
zona-bermain.com/script/ Frame 7CC9 25 KB
25 KB 501ms
500ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 7CC9 25 KB
25 KB 262ms
260ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 7CC9 25 KB
25 KB 807ms
801ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 7CC9 25 KB
25 KB 298ms
291ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 7CC9 25 KB
25 KB 889ms
884ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 7CC9 24 KB
25 KB 905ms
901ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 7CC9 25 KB
25 KB 898ms
895ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 7CC9 25 KB
25 KB 891ms
887ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 7CC9 25 KB
25 KB 894ms
890ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 7CC9 43 B
182 B 218ms
71ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:03 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 7CC9 8 KB
2 KB 297ms
290ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 7CC9 6 KB
2 KB 516ms
510ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 7CC9 112 KB
34 KB 532ms
526ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 7CC9 4 KB
2 KB 800ms
796ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame B0AB 19 KB
9 KB 74ms
73ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:03 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:03 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 2D22 117 B
535 B 66ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: dc5b5945c7eb323b051de03b7b7a296353523d2d4847b9ed8a948344e59c4728

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://raja.hoki2d.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 132

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 3861 766 B
1 KB 62ms
61ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401248
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 3y9wSRq57mYLmRXisxsxYVjUFGd_TBNQ1Sywl-Ztk3aSWduLaBo1Ow==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 9FCC 766 B
1 KB 62ms
61ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401248
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 7dhMQ79NSowB3FzBORdZ5Ta8sUnMlDz8LRvys_cpp8csoNyoDIZZMQ==

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame B0AB 0
289 B 69ms
68ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795443225&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=rtx.dudasoleh.lol&pn=%2F&qs=na&cc=US&cont=NA&evid=RuNVp0YAohhS9qEkUrXE&urls=&rnd=1705795443603&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=150&bcnLcy=450

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:03 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:03 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 7CC9 11 KB
5 KB 49ms
48ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39478
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c332868d9d5-MIA
content-length: 4547

GET
H2 200 poltar.php Show response
kaptenoleng.com/ Frame 613D 10 KB
3 KB 1058ms
322ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:04 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 7CC9 75 KB
76 KB 49ms
44ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52935
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c333bf0497c-MIA
cdn-requestpullsuccess: True

GET
H3

200

/ Show response
zona-bermain.com/prediksi-cambodia/ Frame B9BF
Redirect Chain

https://zona-bermain.com/prediksi-cambodia
https://zona-bermain.com/prediksi-cambodia/

97 KB
20 KB

523ms
523ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/prediksi-cambodia/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

bd63e35a02fd66adc12f758a9634a1d0ad407eddf70c0917cff5bd4483320bad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:04 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/87>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=87>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:04 GMT
location: https://zona-bermain.com/prediksi-cambodia/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame A954
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=79770
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8fa0be99-2128-4576-ba8e-19bd665ac5d9

43 B
594 B

143ms
140ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8fa0be99-2128-4576-ba8e-19bd665ac5d9

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Server

104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-126-112-185.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sun, 21 Jan 2024 00:04:03 GMT
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:03 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

Redirect headers

Location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8fa0be99-2128-4576-ba8e-19bd665ac5d9
Date: Sun, 21 Jan 2024 00:04:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 12FE 43 B
177 B 69ms
67ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:03 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 613 B
997 B 60ms
58ms Script
application/javascript 50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: 676084882f6d4503b99dd45799c96d842c82125889e0486b94d574bb049d616f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Sun, 21 Jan 2024 00:04:03 GMT
Content-Length: 613
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 7CC9 437 B
572 B 198ms
66ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20BERMAIN%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fmarkas-prediktor.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:53707037&@b3:1705795444&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 5759df7d0a6416c5942bf98dc8de853d7caafc1883eac27a412a7f3e882741a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:03 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-h9orpaNE2pXaeEnDlp6BiyDrjnHkkOzRnn0-~A

70 B
440 B

59ms
58ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-h9orpaNE2pXaeEnDlp6BiyDrjnHkkOzRnn0-~A
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 21 Jan 2024 00:04:04 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-h9orpaNE2pXaeEnDlp6BiyDrjnHkkOzRnn0-~A
date: Sun, 21 Jan 2024 00:04:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u&_test=ZaxfdAAQBIdxCQBH
https://ps.eyeota.net/match?uid=ZaxfdAAQBIdxCQBH&bid=0rijhbu&referrer_pid=51md42u&_test=ZaxfdAAQBIdxCQBH

70 B
440 B

61ms
60ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=ZaxfdAAQBIdxCQBH&bid=0rijhbu&referrer_pid=51md42u&_test=ZaxfdAAQBIdxCQBH
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 21 Jan 2024 00:04:04 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by: cache-mia-kmia1760099-MIA
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:04 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1705795444.282257,VS0,VE0
x-cache: HIT
location: https://ps.eyeota.net/match?uid=ZaxfdAAQBIdxCQBH&bid=0rijhbu&referrer_pid=51md42u&_test=ZaxfdAAQBIdxCQBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=2907085194688289057&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

62ms
60ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=2907085194688289057&bid=2cr76e1&referrer_pid=51md42u
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 21 Jan 2024 00:04:03 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:03 GMT
an-x-request-uuid: c08d704c-bbdf-4cba-b73b-0edc29e3f21d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ps.eyeota.net/match?uid=2907085194688289057&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin: 38.132.118.71; 38.132.118.71; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

2981
tags.bluekai.com/site/
Redirect Chain

https://tags.bluekai.com/site/29537?limit=1&id=280j_SntqUi5OVGUm125tWWIUATlVfMZdAIUt7R8R3sE
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=SkVqUG0yb1E5OWV2UHZoaw%3D%3D
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPTQLZ_NTvLRk-1f2Z2V5Eo&google_cver=1

62 B
304 B

131ms
131ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPTQLZ_NTvLRk-1f2Z2V5Eo&google_cver=1
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 21 Jan 2024 00:04:04 GMT
content-length: 62
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEPTQLZ_NTvLRk-1f2Z2V5Eo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 qmap
sync.crwdcntrl.net/ 49 B
264 B 89ms
65ms Image
image/gif 34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6387&gdpr=0&gdpr_consent=
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:03 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.5.150
content-length: 49
expires: 0

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 2D22 43 B
177 B 72ms
72ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:04 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame A954 0
142 B 82ms
81ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=19549&pu=https://bolo.treksantuy.xyz/
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:03 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A93E11D4594C414386CE7EE89D5A367A Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXOKxiuKWYxdbILwGA==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame CC02 0
0 71ms
70ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=83700
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://markas-prediktor.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:04 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: if8zWz_uwO8W9JACR_kCr8A7U6lJbFK_gmIiE1UMzr_tMGat971X0w==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2

204

CookieSyncThrotle
rtb.adentifi.com/ Frame CDDB
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://thrtle.com/sync?_reach=1&vxii_pdid=IBojjSZHx2VQz486REa1YP5c&vxii_pid=12&vxii_pid1=7002&vxii_rcid=7db4e1ff-29b3-4658-93ec-a54ac0e6cd48&vxii_rmax=1
https://rtb.adentifi.com/CookieSyncThrotle?

0
284 B

196ms
58ms

Image
text/plain

3.213.62.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncThrotle?
Requested by: Host: king.laskar2d.xyz
URL: https://king.laskar2d.xyz/
Protocol: H2
Server: 3.213.62.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-62-40.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://king.laskar2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT

Redirect headers

location: https://rtb.adentifi.com/CookieSyncThrotle?
date: Sun, 21 Jan 2024 00:04:04 GMT
content-type: text/html; charset=utf-8
content-length: 66
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2

204

CookieSyncThrotle
rtb.adentifi.com/ Frame DEC6
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://thrtle.com/sync?_reach=1&vxii_pdid=IBojjSZHx2VQz486REa1YP5c&vxii_pid=12&vxii_pid1=7002&vxii_rcid=8e9561b3-0dec-477b-8877-09149dad5ed5&vxii_rmax=1
https://rtb.adentifi.com/CookieSyncThrotle?

0
285 B

195ms
57ms

Image
text/plain

3.213.62.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncThrotle?
Requested by: Host: bolo.treksantuy.xyz
URL: https://bolo.treksantuy.xyz/
Protocol: H2
Server: 3.213.62.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-62-40.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT

Redirect headers

location: https://rtb.adentifi.com/CookieSyncThrotle?
date: Sun, 21 Jan 2024 00:04:04 GMT
content-type: text/html; charset=utf-8
content-length: 66
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2

204

CookieSyncThrotle
rtb.adentifi.com/
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://thrtle.com/sync?_reach=1&vxii_pdid=IBojjSZHx2VQz486REa1YP5c&vxii_pid=12&vxii_pid1=7002&vxii_rcid=2ac52133-392c-4b27-a2f2-d282db0ba921&vxii_rmax=1
https://rtb.adentifi.com/CookieSyncThrotle?

0
284 B

196ms
58ms

Image
text/plain

3.213.62.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncThrotle?
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 3.213.62.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-213-62-40.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT

Redirect headers

location: https://rtb.adentifi.com/CookieSyncThrotle?
date: Sun, 21 Jan 2024 00:04:04 GMT
content-type: text/html; charset=utf-8
content-length: 66
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 7CC9 13 KB
5 KB 54ms
53ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40125
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c398998d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 7CC9 6 KB
3 KB 117ms
116ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mZONA%20BERMAIN%20%E2%80%93%20TEMPAT%20BERKUMPUL%20NYA%20PARA%20PREDIKTOR&@n0&@ohttps%3A%2F%2Fmarkas-prediktor.info%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:53707037&@b3:1705795444&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed583d56011d88ec5fdd34247d6c7690db6712dda088d7907eacabfa1ee60002

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
x-t: 0.236
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R90sTVxfl3UwxJvc6JNw6DbttvWpHEDcryCBNmcJjvWRONRs9ksh%2FxUO50id%2F98pkoqnTHEvdqSXTK23ib9lwAgoGQUUa%2B9YCoCubGKTjdU0%2F4rBhOsLttIcDqfpIdeu7LhB1CEQZMp4H5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl1
cf-ray: 848b4c397e7f6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:03 GMT

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 7CC9 18 KB
5 KB 261ms
260ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:04 GMT

GET
H2 200 bbjs.js Show response
bungaprediction.top/ Frame 613D 15 KB
3 KB 1373ms
272ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame B9BF 107 KB
13 KB 261ms
260ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:04 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame B9BF 227 B
271 B 274ms
271ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:04 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame B9BF 2 KB
374 B 273ms
270ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:04 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame B9BF 28 KB
8 KB 265ms
262ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:04 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame B9BF 3 KB
850 B 272ms
270ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:04 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame B9BF 86 KB
29 KB 285ms
282ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:04 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame B9BF 13 KB
5 KB 282ms
279ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:04 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame B9BF 157 KB
26 KB 41ms
38ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:04 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370186
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame B9BF 30 KB
7 KB 49ms
46ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465841
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c3a2a4f21d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame B9BF 21 KB
8 KB 42ms
39ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:04 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041570
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame B9BF 62 KB
16 KB 43ms
39ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:04 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489634
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 7CC9 0
579 B 133ms
129ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2F&r=https%3A%2F%2Fmarkas-prediktor.info%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
x-t: 50.58
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRlpcWZtpqN2GM0ji4AKFjDEV%2FlUeI%2F6AZZNUbXgK%2BM2%2BjjUK4abxACNXY0SrqAGkOQAeSKbaJmZX0AOFIDPktCZabSaUSKKdItA8Ec9QC1lG6sk1DrOdZDHWaOtzoEpgcY5JB8s%2FkkkBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 848b4c3a9a30287a-MIA
expires: Sun, 21 Jan 2024 00:07:30 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 7CC9 33 KB
11 KB 71ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38445
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: RIt8UXepFVsD8DdhnO2ZgOdxrh-952K6PRZso_xFu_Odw4CNzKmY2A==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 7CC9 2 KB
3 KB 85ms
83ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:04 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 7CC9 51 B
384 B 263ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=ooe6&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2F&j=https%3A%2F%2Fmarkas-prediktor.info%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af4a3949360bc20ee2dfbfb0c1cb8ecf174c1c0a172b7e06b2b7c9ba1d711ade

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
x-t: 0.13
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfTr9COrd1V0ObuOxNQyUppotOJGwZpemEN6WuW1BDoSRs45OpNjF9eKDyLMFd2ANoXZCNgxlYPzPY9LJLFcH9eYNmjEbnhnkzrV6bRvtaRP2psmng7sAKN%2FYNejV1pN3K8YkRmuXfBCK2M%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c3a9fc56dc2-MIA
expires: Sun, 21 Jan 2024 00:04:04 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame B9BF 24 KB
25 KB 267ms
267ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame B9BF 25 KB
25 KB 280ms
279ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame B9BF 25 KB
25 KB 259ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame B9BF 25 KB
25 KB 283ms
276ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame B9BF 25 KB
25 KB 305ms
299ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame B9BF 25 KB
25 KB 359ms
353ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame B9BF 24 KB
24 KB 378ms
372ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame B9BF 25 KB
25 KB 397ms
392ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame B9BF 25 KB
25 KB 422ms
416ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame B9BF 25 KB
25 KB 437ms
432ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame B9BF 43 B
182 B 199ms
66ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:05 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame B9BF 3 KB
1 KB 457ms
452ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame B9BF 8 KB
2 KB 325ms
319ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame B9BF 6 KB
2 KB 327ms
321ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame B9BF 112 KB
34 KB 329ms
323ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame B9BF 4 KB
2 KB 357ms
351ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 7CC9 50 B
463 B 72ms
72ms Fetch
application/json 18.173.132.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-31.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:03:41 GMT
via: 1.1 39174a6a452e175e6e614ff396a4ca4e.cloudfront.net (CloudFront), 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, JFK52-P2
age: 68424
x-amzn-requestid: 88cd2131-7557-428e-9045-65d0ae9175ea
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: R0oXJECsCYcENZg=
content-length: 50
x-amz-cf-id: Xm-bFcZU5hrm09CZRQ-SCLAgjhUVIuKmjlU3Vt8u2qxzOIuudVTqhw==

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 7CC9 2 KB
2 KB 67ms
65ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9844066439049286&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:05 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 7CC9 42 B
265 B 69ms
67ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fmarkas-prediktor.info%2F&event_source=dtscout&rnd=0.9844066439049286&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 0D8C 2 KB
1 KB 72ms
70ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9844066439049286&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:05 GMT
Expires: Sun, 28 Jan 2024 00:04:05 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame B9BF 11 KB
5 KB 52ms
47ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39480
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c3c6e06d9d5-MIA
content-length: 4547

GET
H2 200 poltar.php Show response
kaptenoleng.com/ Frame 83CD 10 KB
2 KB 325ms
322ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame B9BF 75 KB
76 KB 44ms
43ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52937
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c3c69b9497c-MIA
cdn-requestpullsuccess: True

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 7E39 0
0 70ms
70ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=34554
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://raja.hoki2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:05 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: FQNeHLH7-EsL_N9gCb06i_g-EYFQRwFyapQdSuz1X6e58BCe03YY3w==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame A954
Redirect Chain

https://um.simpli.fi/lj_match?r=62028
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

68ms
68ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:05 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:05 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 7CC9 5 KB
2 KB 63ms
62ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2440
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: WjcH5ejdUPt4atic6R3KtZGSRbn92QSZsMS2nhVtqA0UH0aevIkDEw==

GET
H/1.1

200
OK

52164
i.liadm.com/s/ Frame 12FE
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=15418
https://x.bidswitch.net/sync?ssp=liveintent&user_id=8fa0be99-2128-4576-ba8e-19bd665ac5d9
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=8fa0be99-2128-4576-ba8e-19bd665ac5d9
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=liveintent&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=liveintent&gdpr=0&user_id=1sAAT9WTVhnNlwUc0pZMH4aTUB3NkVgV18S5ytDe
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=6b5464a1-2869-4888-acd3-3d2426159c4f

43 B
633 B

60ms
59ms

Image
image/gif

107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=6b5464a1-2869-4888-acd3-3d2426159c4f

Requested by

Host: markas-prediktor.info
URL: https://markas-prediktor.info/

Protocol

HTTP/1.1

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:05 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: //i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=6b5464a1-2869-4888-acd3-3d2426159c4f
Date: Sun, 21 Jan 2024 00:04:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ 9 KB
4 KB 75ms
74ms Script
text/javascript 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sky.pasukanantidepo.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:05 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jul 2023 16:20:24 GMT
Server: nginx
ETag: W/"64c7df48-22bf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Sun, 21 Jan 2024 01:04:05 GMT

GET
H3

200

/ Show response
zona-bermain.com/paito-warna-china/ Frame 7AC4
Redirect Chain

https://zona-bermain.com/paito-warna-china
https://zona-bermain.com/paito-warna-china/

265 KB
34 KB

530ms
530ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/paito-warna-china/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

d82ebc31b6566cb998481cb1ed1648c2d5d4af40076cb6bc6a8fcca7b738fb25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/prediksi-cambodia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:06 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/103>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=103>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:05 GMT
location: https://zona-bermain.com/paito-warna-china/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame 6F49 19 KB
9 KB 74ms
73ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:05 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame B9BF 437 B
572 B 201ms
66ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20CAMBODIA%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-10843878&@b3:1705795445&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 5759df7d0a6416c5942bf98dc8de853d7caafc1883eac27a412a7f3e882741a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:05 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 7CC9 117 B
536 B 67ms
67ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: dc5b5945c7eb323b051de03b7b7a296353523d2d4847b9ed8a948344e59c4728

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 132

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 6F49 0
289 B 65ms
65ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795445132&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=markas-prediktor.info&pn=%2F&qs=na&cc=US&cont=NA&evid=6JOVp0YAGBUdSsOOyT__&urls=&rnd=1705795445371&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=114&bcnLcy=112

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:05 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:05 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame B9BF 13 KB
4 KB 53ms
50ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40126
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c3e78d2d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame B9BF 6 KB
3 KB 261ms
259ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20CAMBODIA%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-10843878&@b3:1705795445&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d5a255dc0684d673df1af5b7336b70a7903d63a10c245f33ca98e7b3d30558e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
x-t: 0.256
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6%2FA16U5Fu2vIrddFm8p5k9HLd4QfBgeNeULtMapq1%2Bqcl8IhZVd41IevlYLRyNA5lB%2Fb8q1B6Nc0MtG8YpZRvGJpZelkUfNTbD9IF%2B%2Fycs7rmMa9CDNasF2c81AbKh5fzE4Pt%2Bv7SGWhWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c3e7c486dc2-MIA
expires: Sun, 21 Jan 2024 00:04:04 GMT

GET
H2 200 bbjs.js Show response
bungaprediction.top/ Frame 83CD 15 KB
4 KB 620ms
270ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame B9BF 18 KB
5 KB 258ms
255ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-cambodia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:05 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 2D22
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=65224
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9

42 B
716 B

64ms
64ms

Image
image/gif

107.23.44.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9

Requested by

Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/

Protocol

Server

107.23.44.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-44-245.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-06c4a2891.edge-va6.demdex.com 5 ms
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: oL9ZtE5JRds=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v053-0c0cc9ae6.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: FNCFI088T1Q=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame A954
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=98215
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9

42 B
716 B

63ms
62ms

Image
image/gif

107.23.44.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9

Requested by

Host: rtx.dudasoleh.lol
URL: https://rtx.dudasoleh.lol/

Protocol

Server

107.23.44.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-44-245.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-080f9a2ef.edge-va6.demdex.com 5 ms
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: G7+1WzF2Tts=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v053-02e88a997.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: ex9zLGjJSeM=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=8fa0be99-2128-4576-ba8e-19bd665ac5d9
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame A14D 85 B
482 B 64ms
62ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134894
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: tXxbXQ1QpreusHl_oQ0fsB_sZR-_FMkEA_0VcOqh2EIC1FmKTF4EfQ==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 12FE 0
142 B 79ms
78ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=76240&pu=https://king.laskar2d.xyz/
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:04 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CA48B1ECB2C74B40A471DA0E1D617E29 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXOawwfLXydvciW/Eg==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame B9BF 0
446 B 133ms
131ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
x-t: 50.65
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LV6SkkH%2Bv6gZrHcYlnNmsi8D%2FB2irJEqZCEjhYscnqPf5VxCA2ndtN%2BWMkm3XOFTLg3%2FPlF8tfvwCZ%2BZA0Pz1wIgRHdclCaCcGdWcorWTo2j%2BLLOMQoVRhLCw3AJpyrIG4Fl3iBj7flVKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 848b4c407bd2287a-MIA
expires: Sun, 21 Jan 2024 00:07:31 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame B9BF 33 KB
11 KB 68ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38446
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: -ElWTGCuGyszmq6CKcrKW0bQrWoMhD9WnG-qmxG2VUom6ZBcqYhUcw==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame B9BF 2 KB
3 KB 70ms
69ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F&j=https%3A%2F%2Fzona-bermain.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame B9BF 0
332 B 260ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=2&_ls=1&_cc=us&_pl=d&_b=chrome%40120&_cbid=46pr&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
x-t: 0.087
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDoE50cXFecqFV3Ma%2BfWX5bUzHU1TWpex%2FWlnkqgGs55ILQiPB9UZLZTO%2FN0QrAMdwEW7i82%2BohKKSQM%2Fm1%2Brt9vkp7khWe7tgq0nN9P4bb2670ENg3L2hTt0v0DVe4neMLMfusPSNdRtt8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c407ed16dc2-MIA
expires: Sun, 21 Jan 2024 00:04:05 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame A14D 766 B
1 KB 67ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401250
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: wn8unvyR8wQSs1UliIvwm-8vd-RefOoa9E6iFHPvdtlxWUDTxeF77g==

GET
H2 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame B9BF 230 B
540 B 37ms
32ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Sun, 21 Jan 2024 00:04:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame B9BF 231 B
541 B 36ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 2
date: Sun, 21 Jan 2024 00:04:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame B9BF 2 KB
2 KB 66ms
65ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.34642252567818255&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:05 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame B9BF 42 B
265 B 69ms
68ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2F&event_source=dtscout&rnd=0.34642252567818255&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:05 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame B9BF 5 KB
2 KB 61ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2440
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: khnFcI43afW_vewPURpjfskoJbDE7Whr7a3wEJTzELiBiGW4iFM2OA==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 7CC9 43 B
177 B 65ms
63ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:05 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame B9BF 167 B
581 B 66ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 0ABB 2 KB
1 KB 65ms
65ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.34642252567818255&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:06 GMT
Expires: Sun, 28 Jan 2024 00:04:06 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 83CD 11 KB
4 KB 55ms
54ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39481
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c42ae98d9d5-MIA
content-length: 4547

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 613D 11 KB
5 KB 45ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39481
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c42ae9cd9d5-MIA
content-length: 4547

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 613D 435 B
570 B 198ms
66ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-177162915&@b3:1705795446&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: bc92016452821960939643e008d184c29fb703819637a5c120994a15dea25451

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:06 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 2D22 0
141 B 79ms
77ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=15869&pu=https://rtx.dudasoleh.lol/
Requested by: Host: raja.hoki2d.xyz
URL: https://raja.hoki2d.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:05 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 25683184CBAB43E5A41BFF434AF03C3E Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXOi4Mo/gOiargIIWg==

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 12FE
Redirect Chain

https://um.simpli.fi/lj_match?r=60114
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

67ms
67ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:06 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:06 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame 939A 19 KB
9 KB 74ms
72ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:06 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 83CD 435 B
570 B 215ms
75ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:2016258&@b3:1705795446&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: bc92016452821960939643e008d184c29fb703819637a5c120994a15dea25451

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:06 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 7AC4 107 KB
13 KB 257ms
255ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 7AC4 227 B
271 B 271ms
268ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 7AC4 2 KB
374 B 271ms
269ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 7AC4 28 KB
8 KB 272ms
269ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 7AC4 3 KB
827 B 272ms
270ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 7AC4 86 KB
29 KB 272ms
269ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 7AC4 13 KB
5 KB 286ms
284ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 7AC4 157 KB
26 KB 36ms
33ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370187
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 7AC4 30 KB
7 KB 42ms
40ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465843
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c438edb21d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 7AC4 21 KB
8 KB 36ms
34ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041571
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 7AC4 62 KB
16 KB 37ms
35ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:06 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489636
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 939A 0
289 B 65ms
65ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795446150&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2F&qs=na&cc=US&cont=NA&evid=AaOVp0YADCiCJzzddoxr&urls=&rnd=1705795446402&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=121&bcnLcy=94

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:06 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 7AC4 95 KB
32 KB 264ms
263ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32851
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 table.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 7AC4 2 KB
801 B 262ms
261ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 755
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 warna.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 7AC4 13 KB
3 KB 262ms
260ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3215
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 7AC4 24 KB
24 KB 258ms
257ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 7AC4 25 KB
25 KB 281ms
281ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 7AC4 25 KB
25 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 7AC4 25 KB
25 KB 279ms
277ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 7AC4 25 KB
25 KB 285ms
283ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 7AC4 25 KB
25 KB 332ms
330ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 7AC4 24 KB
24 KB 336ms
334ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 7AC4 25 KB
25 KB 349ms
348ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 7AC4 25 KB
25 KB 361ms
360ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 7AC4 25 KB
25 KB 376ms
375ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 7AC4 43 B
182 B 197ms
66ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:06 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 7AC4 3 KB
1 KB 390ms
389ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 7AC4 8 KB
2 KB 305ms
303ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 7AC4 6 KB
2 KB 306ms
303ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 7AC4 112 KB
34 KB 306ms
303ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 7AC4 4 KB
2 KB 332ms
330ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:06 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame F6B3 0
0 71ms
70ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=49093
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:06 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: R0p095IaUHSFPR3oyn-02EvC4cV5Qaht8wq39Ydw0E6HlBISaRFLNA==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame A954 4 KB
1 KB 251ms
123ms XHR
application/json 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://rtx.dudasoleh.lol/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
content-encoding: gzip
via: 1.1 e23983892b1c8fb4d47f943c0ee29028.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: Okz3p6tGPdnamK90On2zLRmq9HWs8Oh2UotC8xfS9h1dzHUfRrGZ3g==

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame DEC6 4 KB
1 KB 235ms
107ms XHR
application/json 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://bolo.treksantuy.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
content-encoding: gzip
via: 1.1 e23983892b1c8fb4d47f943c0ee29028.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: EOb853euy7jVocxaAIXkklybQqChUW4oHILEA7o_jAfuWai_HCMjgw==

GET
H2 204 sync
thrtle.com/ Frame A954 0
466 B 60ms
60ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 613D 22 KB
12 KB 48ms
48ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33289
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c460cd4d9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 613D 6 KB
3 KB 262ms
262ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-177162915&@b3:1705795446&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 004b235c650234e4792b9c09782e766ddf5e7d7e4fa4c0a0fbc17f6458fa49e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
x-t: 0.234
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cef47hXaYs9hjJ7Jl4YqCX%2FS1u560TTUsJb2028haZL2BdHH1c8wAqRKmXLV%2FZaeVjw0l6TBJuv5nXYyj2aQD%2Fx3KYund9Hfnx16AbHJYn0mxXV5iGKZLPr1Tv%2BSGJI73Bs4aZgyCTepXFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c460c826dc2-MIA
expires: Sun, 21 Jan 2024 00:04:05 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 83CD 22 KB
12 KB 70ms
69ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33289
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c460cdcd9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 83CD 6 KB
3 KB 260ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:2016258&@b3:1705795446&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a436a8f1d3c3d64e101ccccaf015da14ed19efaa8a4a2b6a45ed6bed6ac92a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
x-t: 0.216
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cMGt9q5biEWOlHyX5NHgwW8AJeukliMpvOmddBJPabtfTbeURidVsT17ZzPnUA9Vv%2BiyOhxWqxbGHWSNQhLFRn8n%2F2MXpAXBcY3MXTbVUEEbuOuEdu71xpR70HUF%2B504DjzNuuGHn%2FiM3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c460c8e6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:05 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 7AC4 11 KB
5 KB 45ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39481
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c465d60d9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 9608 10 KB
3 KB 289ms
289ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:06 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 7AC4 75 KB
76 KB 47ms
47ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52938
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c4669df497c-MIA
cdn-requestpullsuccess: True

GET
H3

200

/ Show response
zona-bermain.com/prediksi-japan/ Frame 029C
Redirect Chain

https://zona-bermain.com/prediksi-japan
https://zona-bermain.com/prediksi-japan/

97 KB
20 KB

508ms
507ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/prediksi-japan/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

ee919d4b7c87e1eb916b03c24e78bc8ec4aa24c90e2d50c4d9b5623127f6bea2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/paito-warna-china/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:07 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/89>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=89>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:07 GMT
location: https://zona-bermain.com/prediksi-japan/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 2D22
Redirect Chain

https://um.simpli.fi/lj_match?r=78756
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

68ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:06 GMT

GET
H/1.1

200
OK

img
sync.mathtag.com/sync/ Frame 12FE
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=71305
https://b1sync.zemanta.com/usersync/liveintent/?cb=//i.liadm.com/s/35004?bidder_id%3D98254%26bidder_uuid%3D__ZUID__
https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__&s=2
https://i.liadm.com/s/35004?bidder_id=98254&bidder_uuid=1Bu4xf2XPXxbxgMBfx1h
https://sync.mathtag.com/sync/img?mt_exid=36&8fa0be99-2128-4576-ba8e-19bd665ac5d9

43 B
589 B

224ms
70ms

Image
image/gif

216.200.232.253
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=36&8fa0be99-2128-4576-ba8e-19bd665ac5d9
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: HTTP/1.1
Server: 216.200.232.253 Frederick, United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1237 600843f master ord ord-pixel-x22 config_version:"2538" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Server: MT3 1237 600843f master ord ord-pixel-x22 config_version:"2538"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Sun, 21 Jan 2024 00:04:06 GMT

Redirect headers

Location: https://sync.mathtag.com/sync/img?mt_exid=36&8fa0be99-2128-4576-ba8e-19bd665ac5d9
Date: Sun, 21 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame FB83 85 B
482 B 78ms
78ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://markas-prediktor.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134895
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: mDbuwxUoDYa7YLaxwrE29qtS0nfScjsN9BWXpDhnBjq6tlUBaNeGyw==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame B9BF 43 B
177 B 86ms
86ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame DEC6 317 B
1 KB 111ms
111ms XHR
application/json 34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab607690fecc69130def53f786be46af206751fdccc1f26092439b03572fb276

Request headers

Referer: https://bolo.treksantuy.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://bolo.treksantuy.xyz
cache-control: no-cache
x-server: 10.40.48.111
access-control-allow-credentials: true
content-length: 317
expires: 0

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame A954 325 B
1 KB 117ms
116ms XHR
application/json 34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8a452138116838a9e104da11be6bdd4e677cf95fa2ab2783fd6ff541f4f02bc7

Request headers

Referer: https://rtx.dudasoleh.lol/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://rtx.dudasoleh.lol
cache-control: no-cache
x-server: 10.40.3.114
access-control-allow-credentials: true
content-length: 325
expires: 0

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 7AC4 437 B
572 B 204ms
66ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20CHINA%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-28961636&@b3:1705795447&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 5759df7d0a6416c5942bf98dc8de853d7caafc1883eac27a412a7f3e882741a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 613D 0
459 B 86ms
81ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
x-t: 1.21
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FPW5qDw5Vms35pu2o6x5ETI2jMybzay022AnCRypLLk9qBmQGcuzkBtOz6rNKgxCHgolda%2BspVs1Lw7di7wF5O%2ByJiX9KR7cgqF%2BwW90nOajoSZsc0xC5nRSrimCh6OottHlN5GD%2FLVbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web2.ny1.dtscdn.com
cf-ray: 848b4c482fbf287a-MIA
expires: Sun, 21 Jan 2024 00:07:37 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 613D 33 KB
11 KB 72ms
68ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38448
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: JrMPzqk2CAajoDJ2978JCYSAEvHYr86oeu6qMFa2i5Kmu-3zTe4f5Q==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 613D 2 KB
3 KB 71ms
69ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 613D 51 B
381 B 263ms
261ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=6ho5&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c6a0b7cfcab1c08c8f99861136ed18bb224f13ae8506174dc0a7b892b6dfa2d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
x-t: 0.124
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYDO1n%2FpeJ8TMG5i85LHEdTWG7eaAZbCB2dtcUISMByELKMRdmnDxTBXg9JUSWH9cu8J9tzCWlszIyEXMQuwXc9Q69AASWDkITimHXkAyVdsqO2CU15shXK2Zh6C65SPXmYN9JCbAB%2FsHws%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c483ffd6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:06 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 83CD 0
423 B 90ms
90ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
x-t: 1.46
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FXoOXZczXHpX%2Fr2O0%2FnP8dxj3j5VUWaXasDMin3FChjxnyaA%2FR7jsPNWj6mXqqFKksRXR11%2F3zaTnvetqbWNwWTn1GNU6by%2Fp47KSB2QWRGHanOUdOktvdLr01%2FeZsyBUSKsUghfs0u7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web4.ny1.dtscdn.com
cf-ray: 848b4c483fc5287a-MIA
expires: Sun, 21 Jan 2024 00:07:33 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 83CD 33 KB
11 KB 71ms
71ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38448
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: TnED65PevBdSueaTItGs3pxAFXZqlD_kkYmArYAdG7T-WLkkt2MSLA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 83CD 2 KB
3 KB 68ms
68ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 83CD 51 B
335 B 260ms
259ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=2&_ls=0&_cc=us&_pl=d&_cbid=445b&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bbb9035fbe7e090380c129371a7aaf18ac887fcb030047cd2363198c5836580

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
x-t: 0.146
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWth49PvQCrG59T2VWfPUhBjJnOgbnXcbKZAviuO%2FnsseJ4JfHJJgoHYzB1TxWtZK863wOX0eSihYqW0pIVKU7IVVrvhM3UCZN7oXf5N%2BBSlkZRxvEwkOZuKG0YOLjobHYSroB57GA6umLk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c483ffe6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:06 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame FB83 766 B
1 KB 63ms
60ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401252
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: UgR5ig9Ro8fpluEh6tgBDmhebVhjYAOnnLAunG12-s7pcun2uwUe5w==

GET
H2 200 bbjs.js Show response
bungaprediction.top/ Frame 9608 15 KB
3 KB 272ms
270ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:07 GMT

POST
H2 200 a
a.dtssrv.com/ Frame DEC6 0
444 B 167ms
85ms Ping
text/html 2606:4700:3036::ac43:a392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=51A01705795437671B15BDFA0C3AC9B3&k=lotpano&v=b65df0f30ad8e652cf98343bd6d9a9fb927a435607e7603ad66e355cc37f8143
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbolo.treksantuy.xyz%2F&j=https%3A%2F%2Fsky.pasukanantidepo.shop%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bolo.treksantuy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEc55FdrFeGJPl%2B98OU%2BfYQYd345%2FwwHfV65TvB7std1vTqQtNWbLrVkA2yE8B6TPTXQ0R5bBBRBBvQUxdS873SXbt6UJk5OLbcxXzA0Ju%2BvpJsQJd%2Fgap7m50Ps1PCSt47XZ9rYmWMFVwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 848b4c4a2fff743e-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 700C 2 KB
1 KB 64ms
63ms Document
text/html 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://bolo.treksantuy.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68292
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Sat, 20 Jan 2024 05:05:56 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-amz-cf-id: mt2WY-4D8erhg3xZ-HxNLQZHZOYYGfL3QI0_tdcyrb5pq7qbbAmgqg==
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

POST
H2 200 a
a.dtssrv.com/ Frame A954 0
279 B 168ms
91ms Ping
text/html 2606:4700:3036::ac43:a392
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=51A01705795437671B15BDFA0C3AC9B3&k=lotpano&v=b65df0f30ad8e652cf98343bd6d9a9fb927a435607e7603ad66e355cc37f8143
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Frtx.dudasoleh.lol%2F&j=https%3A%2F%2Fbolo.treksantuy.xyz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a392 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rtx.dudasoleh.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OwIqqPDZmxcUKpVWs4geOPNu6eKS4AFQcV6%2FKU6hj7Nqs4W4W0K7So0ZgTjUao2k2mX%2FeN%2BGehtFXW0Gl9ukIRK%2BYUa8kAWkZ5mgNFOSrkHpU42LymIZVHuMVO4F7MrwGAVutMmFR5Jpq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 848b4c4a2ffd743e-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 7B83 2 KB
1 KB 63ms
62ms Document
text/html 108.138.128.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://rtx.dudasoleh.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 68292
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Sat, 20 Jan 2024 05:05:56 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-amz-cf-id: b3EiGTypd9i3hp1PY1JXatJHqzOdhRQU5vWfLYKi8p1WuTbT3Oso-A==
x-amz-cf-pop: JFK50-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame 7CC9
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=33628
https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=8fa0be99-2128-4576-ba8e-19bd665ac5d9&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=6b5464a1-2869-4888-acd3-3d2426159c4f
https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0
https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=2907085194688289057&gdpr=0
https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&liid=&_ct=im
https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=30803faa99724746b4e202a0eaeab930
https://x.bidswitch.net/sync?dsp_id=42&user_id=

43 B
235 B

67ms
66ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date: Sun, 21 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 2

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 7AC4 18 KB
5 KB 256ms
256ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:07 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 613D 2 KB
2 KB 66ms
65ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3474918634845392&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:07 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 613D 42 B
265 B 69ms
68ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2F&event_source=dtscout&rnd=0.3474918634845392&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 83CD 2 KB
2 KB 67ms
66ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.12857880324651916&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:07 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 83CD 42 B
265 B 68ms
67ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2F&event_source=dtscout&rnd=0.12857880324651916&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 613D 50 B
463 B 71ms
70ms Fetch
application/json 18.173.132.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-31.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:03:41 GMT
via: 1.1 836d15812518886911b1ae2be813f462.cloudfront.net (CloudFront), 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, JFK52-P2
age: 68426
x-amzn-requestid: 8319ba11-3291-49be-91f4-712ce4d53366
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: R0oXJHR0iYcEqTg=
content-length: 50
x-amz-cf-id: XYlwQViXsXVU0B-IOnCPER6gmuybR3m6gw7WSgFmA5bIDhk8sSCOTg==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 83CD 50 B
461 B 70ms
70ms Fetch
application/json 18.173.132.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-31.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 05:03:41 GMT
via: 1.1 836d15812518886911b1ae2be813f462.cloudfront.net (CloudFront), 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1, JFK52-P2
age: 68426
x-amzn-requestid: 8319ba11-3291-49be-91f4-712ce4d53366
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: R0oXJHR0iYcEqTg=
content-length: 50
x-amz-cf-id: NBs8IErFCtd4K8ids7FDhos18filSr3MuPyhElJf4DrnsD1aT7d8QQ==

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 7AC4 13 KB
4 KB 45ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40128
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c4aab25d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 7AC4 6 KB
3 KB 258ms
257ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20CHINA%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-28961636&@b3:1705795447&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ff46e17b9516b26fe15a008eb811379743f70a0dc4e0d205ca3492c6db6112f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
x-t: 0.236
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWP0RED%2BP5%2BR1HCqlZTRLZ6t7IcFT4Gp5MZ2wzXwHpczjx%2B%2FrhdIhgh7spS4b2BmtRNDvS73n5h325z4ihbmsPKoFjMDwVraNkcBY6NP9epPdGsHeP685W81M6y58alMic4DWubAJCCwlTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c4a9ade6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:06 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 9608 11 KB
5 KB 50ms
49ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39482
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c4acb6fd9d5-MIA
content-length: 4547

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame 2D22
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=33303
https://ib.adnxs.com/getuid?https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=$UID&gdpr=0
https://i.liadm.com/s/81081?bidder_id=91218&bidder_uuid=2907085194688289057&gdpr=0
https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&liid=&_ct=im
https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=64a46fbb83ad4469ae1ee79e792db410
https://x.bidswitch.net/sync?dsp_id=42&user_id=

43 B
235 B

165ms
100ms

Image
image/gif

35.211.178.172
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date: Sun, 21 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame DA11 85 B
482 B 61ms
61ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://raja.hoki2d.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134896
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: rOEmaRlaKTBNBR-3w-g2RFcpNi5WgZiwy8LxyFfTh2wovnrdPLR-fg==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame BE4B 0
0 69ms
68ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=96349
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:07 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: LJhJpvwsOSKdEOeo_tYm6IndPOXnLmRTEOSOuuyyCf6FjboSxiMUKQ==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 65D0 4 KB
4 KB 60ms
58ms Document
text/html 34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: b132743c6a2881f37317b4e03c8c64ba93fa2457a77041b846d961ad13f6ac3e

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-length: 4072
content-type: text/html
date: Sun, 21 Jan 2024 00:04:07 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.14.154

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 6FBF 3 KB
4 KB 59ms
59ms Document
text/html 34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: cc2efd0dc47177ffb2cb1b570e930d9953f420857d299c3c05366afc05f87568

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-length: 3461
content-type: text/html
date: Sun, 21 Jan 2024 00:04:07 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.3.69

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 959E 2 KB
1 KB 67ms
66ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3474918634845392&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:07 GMT
Expires: Sun, 28 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame B3A1 2 KB
1 KB 68ms
68ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.12857880324651916&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:07 GMT
Expires: Sun, 28 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 9608 435 B
570 B 200ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-193372388&@b3:1705795448&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: bc92016452821960939643e008d184c29fb703819637a5c120994a15dea25451

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame DA11 766 B
1 KB 61ms
61ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401252
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: VfCnKPYKM29tU8Rw81TUAoP-NWylvQvtWG3YrEjbtG1CsDWIFsszeQ==

GET
H2

204

/
partner.mediawallahscript.com/ Frame 65D0
Redirect Chain

https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=ab64fa0e90b9b1997c07960e3f815611&custom=&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=ab64fa0e90b9b1997c07960e3f815611&custom=&tag_format=img&tag_action=sync&final=true&reqid=98bd4940-b7f0-11ee-8ef5-8b1ef9e46...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=2907085194688289057&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=98c73450-b7f0-11ee-935c-cb27d312f951?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=ab64fa0e90b9b1997c07960e3f815611&tag_format=img&tag_action=sync&cb=348872348
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=98c73450-b7f0-11ee-935c-cb27d312f951&cb=1705795448348&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=567b8665-1f46-4481-b3fa-010aad7783dc&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705795448348
https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=995c6f70-b7f0-11ee-b489-7530d5baf48f

0
406 B

62ms
60ms

Image
text/plain

18.206.31.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=995c6f70-b7f0-11ee-b489-7530d5baf48f
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 18.206.31.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-206-31-226.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Sun, 21 Jan 2024 00:04:08 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=995c6f70-b7f0-11ee-b489-7530d5baf48f
date: Sun, 21 Jan 2024 00:04:08 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 65D0
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=ab64fa0e90b9b1997c07960e3f815611
https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=ab64fa0e90b9b1997c07960e3f815611&dcc=t

43 B
855 B

106ms
105ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=ab64fa0e90b9b1997c07960e3f815611&dcc=t

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JK9MQM4CKXJN1MSVE32Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T1C9Q8PAFNG1FGFPDBH1
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=a8acf3b3-7ede-4e18-8405-edaf41005f97&id=ab64fa0e90b9b1997c07960e3f815611&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/ Frame 65D0
Redirect Chain

https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0
https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1

0
316 B

58ms
57ms

Image
text/plain

216.22.16.57
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Server: 216.22.16.57 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5570425638240000285/gdpr=/ Frame 65D0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1040
https://c1.adform.net/serving/cookie/match?CC=1&party=1040
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5570425638240000285/gdpr=/gdpr_consent=

49 B
265 B

65ms
64ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5570425638240000285/gdpr=/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.52.126
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5570425638240000285/gdpr=/gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 65D0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A0E219F0-02B3-4137-B8CA-48C3BF25EB31&gdpr=0

49 B
265 B

70ms
69ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A0E219F0-02B3-4137-B8CA-48C3BF25EB31&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.60.147
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A0E219F0-02B3-4137-B8CA-48C3BF25EB31&gdpr=0
date: Sun, 21 Jan 2024 00:04:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK 41715
i.liadm.com/s/ Frame 65D0 43 B
673 B 70ms
59ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=ab64fa0e90b9b1997c07960e3f815611

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79/gdpr=0/ Frame 65D0
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79/gdpr=0/gdpr_consent=

49 B
265 B

72ms
70ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.49.157
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79/gdpr=0/gdpr_consent=
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Kestrel
content-length: 249

GET
H2

200

tpid=3f0e3619-356c-4f14-80e4-391e99eb1d58
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 65D0
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=ab64fa0e90b9b1997c07960e3f815611&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D3f0e3619-356c-4f14-80e4-391e99eb1d58%252Chttps%2525...
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2907085194688289057&pt=3f0e3619-356c-4f14-80e4-391e99eb1d58%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%25...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=3f0e3619-356c-4f14-80e4-391e99eb1d58

49 B
264 B

64ms
63ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=3f0e3619-356c-4f14-80e4-391e99eb1d58
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.10.67
content-length: 49
expires: 0

Redirect headers

date: Sun, 21 Jan 2024 00:04:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=3f0e3619-356c-4f14-80e4-391e99eb1d58
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

tpid=ac03efbe7dcc36e3406ab8835edc0195
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame 65D0
Redirect Chain

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=ac03efbe7dcc36e3406ab8835edc0195

49 B
264 B

66ms
65ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=ac03efbe7dcc36e3406ab8835edc0195
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.13.75
content-length: 49
expires: 0

Redirect headers

date: Sun, 21 Jan 2024 00:04:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 142
x-xss-protection: 1; mode=block
pragma: no-cache
to-dmp-sync: s1b-dmp-use1-aws.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=ac03efbe7dcc36e3406ab8835edc0195
access-control-allow-origin: *
cache-control: no-store
cf-ray: 848b4c4c6cd49ae0-MIA
expires: 0

GET
H2 200 ibs:dpid=121998&dpuuid=ab64fa0e90b9b1997c07960e3f815611&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
dpm.demdex.net/ Frame 65D0 42 B
715 B 71ms
57ms Image
image/gif 107.23.44.245
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=ab64fa0e90b9b1997c07960e3f815611&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.23.44.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-44-245.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-066e48067.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: ce2m1aBgR6I=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 65D0
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=ab64fa0e90b9b1997c07960e3f815611
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=ab64fa0e90b9b1997c07960e3f815611

120 B
981 B

281ms
69ms

Image
image/png

69.169.85.7
AMC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=ab64fa0e90b9b1997c07960e3f815611
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Server: 69.169.85.7 Commack, United States, ASN29838 (AMC, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:08 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: NY12
Content-Length: 120
Expires: -1

Redirect headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=ab64fa0e90b9b1997c07960e3f815611
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: LAS12
Content-Length: 217

GET
H3 200 utsync.ashx
ml314.com/ Frame 65D0 43 B
60 B 82ms
74ms Image
image/gif 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=ab64fa0e90b9b1997c07960e3f815611&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0,Mon, 22 Jan 2024 00:04:07 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 65D0
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d$ip$38.132.118.71&gdpr=0&gdpr_consent=

49 B
265 B

68ms
68ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d$ip$38.132.118.71&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.48.127
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d$ip$38.132.118.71&gdpr=0&gdpr_consent=
Date: Sun, 21 Jan 2024 00:04:07 GMT
Connection: keep-alive
Content-Length: 167
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 65D0 70 B
440 B 70ms
65ms Image
image/gif 50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=51mdg9u&uid=ab64fa0e90b9b1997c07960e3f815611&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 21 Jan 2024 00:04:07 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 65D0
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-LjXgjWVE2pzjTeXOJ.XFZbPAF6apcX4yhu0-~A&gdpr=0

49 B
265 B

66ms
65ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-LjXgjWVE2pzjTeXOJ.XFZbPAF6apcX4yhu0-~A&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.62.235
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-LjXgjWVE2pzjTeXOJ.XFZbPAF6apcX4yhu0-~A&gdpr=0
date: Sun, 21 Jan 2024 00:04:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553/ Frame 65D0
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553/gdpr=0

49 B
265 B

100ms
100ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.63.252
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553/gdpr=0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 65D0 0
675 B 249ms
59ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=ab64fa0e90b9b1997c07960e3f815611&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 2fcb300b847bad3e7dd1184ec8a1c2f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 65D0 170 B
188 B 89ms
81ms Image
image/png 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YWI2NGZhMGU5MGI5YjE5OTdjMDc5NjBlM2Y4MTU2MTE&gdpr=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5907
tags.bluekai.com/site/ Frame 65D0 62 B
304 B 142ms
130ms Image
image/gif 104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=7c1513a17521832612a6a3f382314840
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 21 Jan 2024 00:04:07 GMT
content-length: 62
content-type: image/gif

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame 65D0 108 B
727 B 243ms
70ms Script
application/json 13.225.214.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-84.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 7d8609b3485504171df5b0db41bd91d15cbc2fcce6872b22967c92d356f3193e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
via: 1.1 110142bfecf028552c3361846a29130a.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 108
x-amz-cf-id: Zx3CworxYIW4zFQszKb53oSR91Fhnhmx9nYOHK3anVNtG5uzMyk-jw==
expires: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 65D0 170 B
188 B 93ms
86ms Image
image/png 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=YWI2NGZhMGU5MGI5YjE5OTdjMDc5NjBlM2Y4MTU2MTE&gdpr=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7169882469513063975/ Frame 65D0
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/ab64fa0e90b9b1997c07960e3f815611/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7169882469513063975/gdpr=0

49 B
264 B

66ms
65ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7169882469513063975/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.4.239
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7169882469513063975/gdpr=0
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

rand=802876266
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2907085194688289057/gdpr=0/ Frame 65D0
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=802876266
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2907085194688289057/gdpr=0/rand=802876266

49 B
264 B

67ms
63ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2907085194688289057/gdpr=0/rand=802876266
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C153%2C148%2C145%2C136%2C122%2C116%2C106%2C104%2C94%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C22%2C12%2C8%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.2.185
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
an-x-request-uuid: 881dd4d5-655c-40a6-8350-2214a783a31a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2907085194688289057/gdpr=0/rand=802876266
x-proxy-origin: 38.132.118.71; 38.132.118.71; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 6FBF
Redirect Chain

https://x.bidswitch.net/syncd?gdpr=0&dsp_id=459&user_group=1&expires=30&user_id=${COOKIE}&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16722%26tp%3DMDAG%26tpid%3D%24%7BBSW_UID%7D%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=6b5464a1-2869-4888-acd3-3d2426159c4f&gdpr=0

49 B
265 B

69ms
65ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=6b5464a1-2869-4888-acd3-3d2426159c4f&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.58.162
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=16722&tp=MDAG&tpid=6b5464a1-2869-4888-acd3-3d2426159c4f&gdpr=0
Date: Sun, 21 Jan 2024 00:04:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

m
cm.mgid.com/ Frame 6FBF
Redirect Chain

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=ab64fa0e90b9b1997c07960e3f815611
https://cm.mgid.com/m?c=ab64fa0e90b9b1997c07960e3f815611&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

43 B
158 B

71ms
69ms

Image
image/gif

2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?c=ab64fa0e90b9b1997c07960e3f815611&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Protocol

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 848b4c4caabf7445-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
location: https://cm.mgid.com/m?c=ab64fa0e90b9b1997c07960e3f815611&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 848b4c4c299c7445-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 6FBF
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16622%26tp%3DALDX%26tpid%3D%24{ADELPHIC...
https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=b1c31223-06f0-43a1-9eea-2c3680072dd5&gdpr=0

49 B
265 B

77ms
77ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=b1c31223-06f0-43a1-9eea-2c3680072dd5&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.50.168
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=16622&tp=ALDX&tpid=b1c31223-06f0-43a1-9eea-2c3680072dd5&gdpr=0
Date: Sun, 21 Jan 2024 00:04:07 GMT
Connection: keep-alive
X-CI-RTID: 388831e6-f547-4ec4-a63d-b14675375273
Content-Length: 131
Content-Type: text/html; charset=utf-8

GET
H2 200 /
wt.rqtrk.eu/ Frame 6FBF 43 B
351 B 222ms
70ms Image
image/gif 51.222.241.106
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wt.rqtrk.eu/?pid=e34a6063-e846-4ccb-98d8-0eba4dd66b75&src=www&type=100&sid=0&cb=823571562&gdpr=0&gdpr_consent=&gdpr_pd=0&uid=ab64fa0e90b9b1997c07960e3f815611
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.222.241.106 , Canada, ASN16276 (OVH, FR),
Reverse DNS: haproxy-ca-012.roqad.pl
Software: istio-envoy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type: image/gif
cache-control: no-cache,private
x-envoy-upstream-service-time: 1
content-length: 43
expires: Sun, 21 Jan 2024 00:04:06 GMT

GET
H2

200

engine
pbid.pro-market.net/ Frame 6FBF
Redirect Chain

https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=ab64fa0e90b9b1997c07960e3f815611
https://fei.pro-market.net/engine?mimetype=img&site=159201&size=1x1&du=19&csync=ab64fa0e90b9b1997c07960e3f815611&sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NzY0NjE1MTYxMjk3MjU1MDE4Mw==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEHAlbfQ_QkcbxBwQRToPamI&google_cver=1

43 B
398 B

120ms
110ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEHAlbfQ_QkcbxBwQRToPamI&google_cver=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEHAlbfQ_QkcbxBwQRToPamI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79/gdpr=0/ Frame 6FBF
Redirect Chain

https://id5-sync.com/s/19/9.gif?puid=ab64fa0e90b9b1997c07960e3f815611&gdpr=0
https://id5-sync.com/c/19/19/9/1.gif?puid=ab64fa0e90b9b1997c07960e3f815611&gdpr=0&gdpr_consent=&us_privacy=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79&ttl=%%TTL%%
https://ib.adnxs.com/getuid?https://id5-sync.com/c/19/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/19/2/7/3.gif?puid=2907085194688289057&gdpr=0&gdpr_consent=
https://rtd-tm.everesttech.net/upi/pid/dm4ha19W?redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F136%2F6%2F4.gif%3Fpuid%3D%24%7BTM_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/19/136/6/4.gif?puid=ZaxfdAAQBIdxCQBH&gdpr=0&gdpr_consent=
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-bd8bVoH2197rv4p9zkl0akP92SyyEwK3fQnLYWYxwg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F5%2F5.gif%3Fpuid%3D%24%21%7BTURN_...
https://id5-sync.com/c/19/224/5/5.gif?puid=7169882469513063975&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=0/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F4%2F6.gif%3Fpui...
https://tags.bluekai.com/site/5907?limit=0&id=7c1513a17521832612a6a3f382314840&redir=https://id5-sync.com/c/19/321/4/6.gif?puid=$_BK_UUID&gdpr=0&gdpr_consent=&gdpr_consent=&gdpr=0
https://id5-sync.com/c/19/321/4/6.gif?puid=A0oPmthX99OXuvhk
https://sync.sharethis.com/id5?uid=ID5-bd8bVoH2197rv4p9zkl0akP92SyyEwK3fQnLYWYxwg&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fid5-sync.com%2Fa%2F19%2F121%2F3%2F7%2Fgif%2F0%2F0%2F0%2F0%2F
https://id5-sync.com/a/19/121/3/7/gif/0/0/0/0/ZGgABWWsX20AAAAIA2FBAw==
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0&gdpr_consent=&id5=ID5-bd8bVoH2197rv4p9zkl0akP92SyyEwK3fQnLYWYxwg
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79/gdpr=0/gdpr_consent=

49 B
265 B

79ms
78ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:10 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.63.196
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79/gdpr=0/gdpr_consent=
date: Sun, 21 Jan 2024 00:04:09 GMT
server: Kestrel
content-length: 249

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 6FBF
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D5979%26tp%3DADWZ%26tpid%3D%24%7BUID%7D%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=959c865af95602501fce450bb00c5df5&gdpr=0

49 B
265 B

65ms
65ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=959c865af95602501fce450bb00c5df5&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.58.120
content-length: 49
expires: 0

Redirect headers

date: Sun, 21 Jan 2024 00:04:07 GMT
via: 1.1 8df8d5dfeb782c83ceeb5679f78a9e4e.cloudfront.net (CloudFront)
x-clacks-overhead: GNU Terry Pratchett
x-adswizz-request-id: 82be06d8-3e60-4b92-b580-87057a09b3e2
x-amz-cf-pop: JFK52-P4
x-cache: Miss from cloudfront
location: https://sync.crwdcntrl.net/qmap?c=5979&tp=ADWZ&tpid=959c865af95602501fce450bb00c5df5&gdpr=0
x-amz-cf-id: EBI-z5IEk1fOYfXpqMwuJk53ZAWbL3-fb_holOLY1X9gtSUgkOKGtQ==

GET
H2 200 insync
thrtle.com/ Frame 6FBF 43 B
294 B 68ms
59ms Image
image/gif 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10014&gdpr=0&vxii_pdid=ab64fa0e90b9b1997c07960e3f815611
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Sun, 21 Jan 2024 00:04:07 GMT
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK ltm
audex.userreport.com/sync/put/ Frame 6FBF 43 B
433 B 333ms
164ms Image
image/gif 13.226.34.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/ltm?ltmid=ab64fa0e90b9b1997c07960e3f815611
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-16.ewr53.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Via: 1.1 98ff52bb9a3187350f3ea674f4110afa.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: EWR53-C2
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: uvDdRKmt_Sv_caapi7gcw0og5zUFEpWCTMThX2nsAdEKYrmUDcvSjA==

GET
H2 200 cm
trc.taboola.com/sg/lotame/1/ Frame 6FBF 43 B
412 B 180ms
65ms Image
image/gif 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lotame/1/cm
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-vcl-time-ms: 32
date: Sun, 21 Jan 2024 00:04:07 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 29889
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-mia-kmia1760075-MIA
pragma: no-cache
server: nginx
x-timer: S1705795448.771708,VS0,VE32
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 6FBF
Redirect Chain

https://pixel.shareaholic.com/sync?r=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D9193%26tp%3DSHLC%26tpid%3D%24u_id%26gdpr%3D0
https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=4a04df44-9265-4066-9330-e9bc96d5657e&gdpr=0

49 B
264 B

67ms
66ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=4a04df44-9265-4066-9330-e9bc96d5657e&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.14.41
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=9193&tp=SHLC&tpid=4a04df44-9265-4066-9330-e9bc96d5657e&gdpr=0
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'

GET 7
sync.search.spotxchange.com/audience_sync/ Frame 6FBF 0
0

GET
H2

200

tpid=d5fe2fd0-f00b-4636-a65d-dd80f91f0fc9
bcp.crwdcntrl.net/map/c=10737/tp=AMBO/ Frame 6FBF
Redirect Chain

https://pool.admedo.com/aa/j9fmpan1dspyp6ogch79
https://pool.admedo.com/ul_cb/aa/j9fmpan1dspyp6ogch79
https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=d5fe2fd0-f00b-4636-a65d-dd80f91f0fc9

49 B
265 B

64ms
64ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=d5fe2fd0-f00b-4636-a65d-dd80f91f0fc9
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.15.235
content-length: 49
expires: 0

Redirect headers

location: //bcp.crwdcntrl.net/map/c=10737/tp=AMBO/tpid=d5fe2fd0-f00b-4636-a65d-dd80f91f0fc9
date: Sun, 21 Jan 2024 00:04:08 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 /
loadus.exelator.com/load/ Frame 6FBF 0
324 B 423ms
58ms Image
text/plain 50.16.197.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=260&buid=ab64fa0e90b9b1997c07960e3f815611&j=0&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame 6FBF 0
543 B 534ms
248ms Image
text/plain 40.71.11.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:ab64fa0e90b9b1997c07960e3f815611
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.71.11.141 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Arr-Disable-Session-Affinity: true
Content-Length: 0
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H2

200

19505
tags.bluekai.com/site/ Frame 6FBF
Redirect Chain

https://pixel.onaudience.com/?mapped=ab64fa0e90b9b1997c07960e3f815611&partner=104&gdpr=0
https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=0
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=0
https://pixel.onaudience.com/?partner=252&mapped=y-LoM7gTJE2pRajTQv0FVGzMoQsD_RHDac2A--~A&gdpr=0
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b426b577e76f6dfa/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=ab64fa0e90b9b1997c07960e3f815611&gdpr=0
https://pixel.onaudience.com/?partner=282&icm&cver&gdpr=0&smartmap=1&redirect=stags.bluekai.com%2Fsite%2F52799%3Fid%3D%25m
https://stags.bluekai.com/site/52799?id=d30512183e3cb4f9
https://cms.analytics.yahoo.com/cms?partner_id=BLKAI
https://ups.analytics.yahoo.com/ups/58739/cms?partner_id=BLKAI
https://tags.bluekai.com/site/19505?id=y-7aIzTO9E2pJpG07yiZUjqkX5jDIV0H.SXk4-~A

62 B
304 B

133ms
131ms

Image
image/gif

104.126.112.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/19505?id=y-7aIzTO9E2pJpG07yiZUjqkX5jDIV0H.SXk4-~A
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 21 Jan 2024 00:04:09 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/19505?id=y-7aIzTO9E2pJpG07yiZUjqkX5jDIV0H.SXk4-~A
date: Sun, 21 Jan 2024 00:04:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=66f09bc1-42b4-43b1-b8b5-76e48d490be3/ Frame 6FBF
Redirect Chain

https://jadserve.postrelease.com/dmp/5?vk=ab64fa0e90b9b1997c07960e3f815611/gdpr=0&ntv_r=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D8157%2Ftp%3DNLDN%2Ftpid%3DNTV_USER_ID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=66f09bc1-42b4-43b1-b8b5-76e48d490be3/gdpr=0

49 B
264 B

65ms
64ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=66f09bc1-42b4-43b1-b8b5-76e48d490be3/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.3.159
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
server: nginx
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.crwdcntrl.net/map/c=8157/tp=NLDN/tpid=66f09bc1-42b4-43b1-b8b5-76e48d490be3/gdpr=0
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 6FBF
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=120&cm=ab64fa0e90b9b1997c07960e3f815611
https://idsync.rlcdn.com/420246.gif?partner_uid=ZaxfeEVKSrjcZqDV_b_SZQN1
https://aorta.clickagy.com/pixel.gif?ch=114&cm=37cba886f9ea8d1917c434b66c050d9d592e80d24983ccec7c62e262ba0fc63225abae5358c0e7bc
https://us-u.openx.net/w/1.0/cm?id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.net%25...
https://us-u.openx.net/w/1.0/cm?cc=1&id=af408286-42f3-4d1c-bb48-10bd86dbcd66&r=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fch%3D4%26cm%3D%7BOPENX_ID%7D%26redir%3Dhttps%253A%252F%252Fus-u.openx.n...
https://aorta.clickagy.com/pixel.gif?ch=4&cm=93681a69-b85b-4b62-99d2-211d28ea025f&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaxfeEVKSrjcZqDV_b_SZQN1

43 B
61 B

223ms
223ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaxfeEVKSrjcZqDV_b_SZQN1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:08 GMT
server: Aorta/20240110.a47e9006f
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain
location: https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZaxfeEVKSrjcZqDV_b_SZQN1
access-control-allow-origin: *
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 295b3205e33b
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2

204

0.gif
x01.aidata.io/ Frame 6FBF
Redirect Chain

https://x01.aidata.io/0.gif?pid=LOTAME&id=ab64fa0e90b9b1997c07960e3f815611&gdpr=0
https://x01.aidata.io/0.gif?pid=LOTAME&id=ab64fa0e90b9b1997c07960e3f815611&gdpr=0&bounce=1

0
432 B

206ms
206ms

Image
text/plain

89.108.119.43
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LOTAME&id=ab64fa0e90b9b1997c07960e3f815611&gdpr=0&bounce=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51370.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
last-modified: Sun, 21 Jan 2024 00:04:07 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Sun, 21 Jan 2024 00:04:07 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
last-modified: Sun, 21 Jan 2024 00:04:07 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://x01.aidata.io/0.gif?pid=LOTAME&id=ab64fa0e90b9b1997c07960e3f815611&gdpr=0&bounce=1
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sun, 21 Jan 2024 00:04:07 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 6FBF
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9202276048&gdpr=0
https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213390604768000039233&gdpr=0&gdpr_consent=

49 B
265 B

70ms
69ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213390604768000039233&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.61.203
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
via: 1.1 110142bfecf028552c3361846a29130a.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://sync.crwdcntrl.net/qmap?c=368&tp=NEUS&tpid=213390604768000039233&gdpr=0&gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: VVI9qj3q8y5Ho-Z95FrJ5R9tSRQhJbtkVc4mXlcN5Qy9AjSwvIyflQ==
expires: 0

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaxfdAAQBIdxCQBH/ Frame 6FBF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaxfdAAQBIdxCQBH/gdpr=0

49 B
265 B

65ms
64ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaxfdAAQBIdxCQBH/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.57.202
content-length: 49
expires: 0

Redirect headers

x-served-by: cache-mia-kmia1760099-MIA
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1705795448.664306,VS0,VE0
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZaxfdAAQBIdxCQBH/gdpr=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 382416.gif
idsync.rlcdn.com/ Frame 6FBF 42 B
60 B 82ms
79ms Image
image/gif 35.244.154.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/382416.gif?partner_uid=ab64fa0e90b9b1997c07960e3f815611&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.154.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

rand=808919575
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2907085194688289057/gdpr=0/ Frame 6FBF
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=808919575
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2907085194688289057/gdpr=0/rand=808919575

49 B
264 B

64ms
64ms

Image
image/gif

34.234.61.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2907085194688289057/gdpr=0/rand=808919575
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=158%2C155%2C154%2C150%2C142%2C135%2C132%2C125%2C115%2C108%2C105%2C103%2C101%2C100%2C92%2C89%2C86%2C79%2C76%2C65%2C26%2C14%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 34.234.61.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-234-61-205.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.1.182
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:07 GMT
an-x-request-uuid: bdb27490-9ecc-4003-8038-7b755b49af31
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=2907085194688289057/gdpr=0/rand=808919575
x-proxy-origin: 38.132.118.71; 38.132.118.71; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 7AC4 230 B
529 B 36ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 7AC4 231 B
530 B 36ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 613D 5 KB
2 KB 62ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2442
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: LvywKr9j28shhAcRXBRFyrIWdHpmjJSICbfHrSIdPnQXh3fDyBJ0Bg==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 83CD 5 KB
2 KB 61ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2442
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: J6hmo-JWnVbihQIOcYMfxbh49grrb-5_vO04OVYlcWC5xR0YCWRoMA==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame EC2C 19 KB
9 KB 73ms
72ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:07 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame 31BE 19 KB
9 KB 77ms
76ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:07 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 7AC4 0
436 B 84ms
78ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F&r=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
x-t: 1.37
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aW%2FfGVL%2BqFN8S0HdC67PMiTMAjiZbPFFa6OgzisgaEDBNfebD%2FWRAPgTLDKiayGBCp5Hgzsfkx26cHJgCGuCwHJbWR2jOMvA8I3IZh0nyIg9rhIWq%2FpmPR%2FUrP1PLjx3tiSjezS5ZWnVSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web3.ny1.dtscdn.com
cf-ray: 848b4c4c8f52287a-MIA
expires: Sat, 20 Jan 2024 23:58:13 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 7AC4 33 KB
11 KB 72ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38448
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: _L9mG98a1np3l34P659s0JhihL-W1WSky5OD-AeU7PqrP0yLRKuAeQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 7AC4 2 KB
3 KB 73ms
68ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 7AC4 0
290 B 269ms
264ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=3&_ls=3&_cc=us&_pl=d&_b=chrome%40120&_cbid=60ac&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
x-t: 0.07
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuiAzEL%2BijhaGkfSv67pID2FxkingPRW2Ism9qzQM%2BmkA4NZ6BTG68GwbpGR79UWBFZivuJDBxtDjnWQLYOY6cRPX32ywCXj1MGWyNBRsDkdSoCIwgoUTFIDivJSZrBdeixEtSeVQcjE84w%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c4c8ce16dc2-MIA
expires: Sun, 21 Jan 2024 00:04:06 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 613D 167 B
580 B 72ms
68ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 83CD 167 B
580 B 149ms
72ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 9608 22 KB
12 KB 47ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33290
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c4cde2fd9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 9608 6 KB
3 KB 287ms
285ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-193372388&@b3:1705795448&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a122fc5a5f1634ca193e2ca54e24e8a5fa3923815299dd65f1503176eb6919d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
x-t: 0.24
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztCZFv1UevUMHcd68sojFsK%2BTcYJBZseItRrEVyQb%2BHnc1iqHQaSKPnBHDTIvznWzT47JtARruV0x77Q9dvhC7E0s8X8eRjsBCvf47naJ1L%2FKkYU5%2FwSsfx1KRygea%2FznA4R25s6%2BSMYBAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c4cdd366dc2-MIA
expires: Sun, 21 Jan 2024 00:04:06 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 7CC9 0
141 B 80ms
76ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=68246&pu=https://markas-prediktor.info/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:06 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: DB1092AAB83C4DA4A002A3370E9D17D2 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:07Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXO6j5qCHh9xemx98Q==

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame EC2C 0
289 B 85ms
82ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795447543&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2F&qs=na&cc=US&cont=NA&evid=gwOVp0YAslQTMsOHxi-e&urls=&rnd=1705795447843&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=126&bcnLcy=281

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:07 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 31BE 0
289 B 65ms
65ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795447546&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2F&qs=na&cc=US&cont=NA&evid=QxOVp0YAQvAbwJ9tHBYY&urls=&rnd=1705795447891&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=165&bcnLcy=281

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:07 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 7AC4 2 KB
2 KB 84ms
67ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9985387370900747&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:07 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 7AC4 42 B
265 B 70ms
68ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2Fprediksi-cambodia%2F&event_source=dtscout&rnd=0.9985387370900747&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:07 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 7AC4 5 KB
2 KB 62ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2442
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: W6RQJtpQpVncvjSN9qbitDt-1EW9YFOA_QkT5Gf6wXW3-5vAksy1ig==

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 029C 107 KB
13 KB 302ms
299ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 029C 227 B
271 B 307ms
305ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 029C 2 KB
374 B 308ms
305ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 029C 28 KB
8 KB 308ms
306ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 029C 3 KB
827 B 310ms
308ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 029C 86 KB
29 KB 310ms
308ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 029C 13 KB
5 KB 321ms
319ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 029C 157 KB
26 KB 86ms
84ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:08 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370189
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 029C 30 KB
7 KB 89ms
87ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465845
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c4e6eb221d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 029C 21 KB
8 KB 85ms
83ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:08 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041573
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 029C 62 KB
16 KB 87ms
85ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:08 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489637
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET

csx
s.thebrighttag.com/ Frame B9BF
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=28082
https://match.prod.bidr.io/cookie-sync/liveintent
https://match.prod.bidr.io/cookie-sync/liveintent?_bee_ppp=1
https://i.liadm.com/s/62491?bidder_uuid=AAFEr07LWL8AABJZFwI98A&bidder_id=237139
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=12&rurl=https://i.liadm.com/s/35758?bidder_id%3D2380%26bidder_uuid%3D%7BuserId%7D
https://i.liadm.com/s/35758?bidder_id=2380&bidder_uuid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553
https://aa.agkn.com/adscores/g.pixel?sid=9212291498&_puid=8fa0be99-2128-4576-ba8e-19bd665ac5d9
https://i.liadm.com/s/35637?bidder_id=100905&bidder_uuid=213390604768000039233
https://s.thebrighttag.com/csx?tp=1YJNAYe

0
0

GET
H2

200

sync
thrtle.com/ Frame 12FE
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://sync.srv.stackadapt.com/sync?nid=throtle
https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1705795448

43 B
539 B

60ms
59ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1705795448
Requested by: Host: markas-prediktor.info
URL: https://markas-prediktor.info/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://markas-prediktor.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Sun, 21 Jan 2024 00:04:08 GMT
content-length: 43
content-type: image/gif

Redirect headers

Location: https://thrtle.com/sync?vxii_pid=5044&vxii_pdid=qvw6C54pW5dT0Uyo7jdufSaEdkc&_t=1705795448
Date: Sun, 21 Jan 2024 00:04:08 GMT
Connection: keep-alive
Content-Length: 120
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 7AC4 167 B
581 B 67ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame B389 2 KB
1 KB 108ms
103ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.9985387370900747&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:08 GMT
Expires: Sun, 28 Jan 2024 00:04:08 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H3 200 7.png
zona-bermain.com/script/ Frame 029C 24 KB
24 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 029C 25 KB
25 KB 265ms
265ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 029C 25 KB
25 KB 255ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 029C 25 KB
25 KB 255ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 029C 25 KB
25 KB 258ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 029C 25 KB
25 KB 288ms
282ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 029C 24 KB
24 KB 402ms
397ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 029C 25 KB
25 KB 402ms
398ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 029C 25 KB
25 KB 403ms
399ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 029C 25 KB
25 KB 403ms
400ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 029C 43 B
182 B 209ms
70ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:08 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 029C 3 KB
1 KB 408ms
405ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 029C 8 KB
2 KB 271ms
264ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 029C 6 KB
2 KB 271ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 029C 112 KB
34 KB 271ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 029C 4 KB
2 KB 285ms
279ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 9608 0
460 B 85ms
83ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
x-t: 1.8
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIEaXMmvJJxdpXGtdD%2FNssUK3VfisfgKRZXj9OXHjqkQVoRE5bQLw9c%2FL6H%2Fghqx9p8KRpMQtJEXru5i0sB6xfd78LlvCmoG0G5X6Y3Rc64Ys8v6lSid7iuiC63%2BlvKVPgEPp%2FgHdLcqBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 848b4c4efb88287a-MIA
expires: Sat, 20 Jan 2024 21:43:58 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 9608 33 KB
11 KB 67ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38449
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: xwKQIMMQaGquRUaWba7lhqOqXrWUp_Fb3gBikHUCIzWO2vAHcxzYpQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 9608 2 KB
3 KB 69ms
68ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:08 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 9608 0
304 B 260ms
259ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=3&_ls=1&_cc=us&_pl=d&_b=chrome%40120&_cbid=4guh&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
x-t: 0.077
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SzWOfx3B4ftMZ2Hf77GgXj6Icx1yz2fQ4648mBbgbsYRCdad71o%2FsSOFlpxAuHGFYgsUsjsFvjPBIDskP4HMkxaeBNc0leYe6HMBC8adGaF263W6q9cgCDk1uZR%2F7DGMxVwZ9zJ4cutlE0c%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c4eff8e6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:07 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame 08D6 19 KB
9 KB 94ms
94ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:08 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 9608 2 KB
2 KB 68ms
67ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.05682600222415379&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:08 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 9608 42 B
265 B 68ms
68ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2F&event_source=dtscout&rnd=0.05682600222415379&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:08 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 9608 5 KB
2 KB 61ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2443
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: PyutAPlGoEIKf7hWBP-LAUqCJzo8f_GzSYVz-y97B2Ei4NL6wsSIIw==

GET
H2

200

sync
thrtle.com/ Frame 2D22
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://match.prod.bidr.io/cookie-sync/throtle?
https://match.prod.bidr.io/cookie-sync/throtle?_bee_ppp=1
https://thrtle.com/sync?vxii_pdid=AAFEr07LWL8AABJZFwI98A&vxii_pid=5037&_t=1705795448.5601714

43 B
540 B

61ms
60ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pdid=AAFEr07LWL8AABJZFwI98A&vxii_pid=5037&_t=1705795448.5601714
Requested by: Host: sky.pasukanantidepo.shop
URL: https://sky.pasukanantidepo.shop/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://raja.hoki2d.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Sun, 21 Jan 2024 00:04:08 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/sync?vxii_pdid=AAFEr07LWL8AABJZFwI98A&vxii_pid=5037&_t=1705795448.5601714
Date: Sun, 21 Jan 2024 00:04:08 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7CC9
Redirect Chain

https://um.simpli.fi/lj_match?r=16660
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

67ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:08 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:08 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:08 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 9608 167 B
580 B 67ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 029C 11 KB
5 KB 45ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39483
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c50ecbfd9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 27E5 10 KB
2 KB 371ms
370ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:08 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 2677 2 KB
1 KB 73ms
72ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.05682600222415379&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:08 GMT
Expires: Sun, 28 Jan 2024 00:04:08 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 613D 43 B
177 B 67ms
65ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 029C 75 KB
76 KB 43ms
42ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52940
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c50f9ca497c-MIA
cdn-requestpullsuccess: True

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 08D6 0
289 B 66ms
65ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795448081&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2Fprediksi-cambodia%2F&qs=na&cc=US&cont=NA&evid=k6OVp0YAJxi15Ac1juOp&urls=&rnd=1705795448486&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=199&bcnLcy=91

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:08 GMT

GET
H3

200

/ Show response
zona-bermain.com/prediksi-taiwan/ Frame 9C91
Redirect Chain

https://zona-bermain.com/prediksi-taiwan
https://zona-bermain.com/prediksi-taiwan/

97 KB
20 KB

557ms
557ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/prediksi-taiwan/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

45fa7054f05ab3b5e09ae700719660587e59dc927513afe0c02eca9f813b5e30

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/prediksi-japan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:09 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/91>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=91>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:08 GMT
location: https://zona-bermain.com/prediksi-taiwan/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 83CD 43 B
177 B 66ms
66ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 029C 436 B
571 B 282ms
148ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20JAPAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-166684469&@b3:1705795449&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: b40c199ebf849324a001963864b6deffaca618617904dd9c99e5dcec4f29be68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:08 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame B9BF 0
141 B 77ms
77ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=11958&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:07 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: ADEC325A2CD9485FBB053B309A5E5C4D Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:08Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXPF5g1dMqeiir3nJw==

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame 66E2 19 KB
9 KB 72ms
72ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:08 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:08 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 255ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sky.pasukanantidepo.shop/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:08 GMT
content-length: 0
vary: Origin

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 7AC4 43 B
177 B 125ms
124ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:08 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 66E2 0
289 B 111ms
111ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795448453&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2F&qs=na&cc=US&cont=NA&evid=a-OVp0YA9E1_cq-KZ_pf&urls=&rnd=1705795448731&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=119&bcnLcy=114

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:08 GMT

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 029C 18 KB
5 KB 301ms
301ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 27E5 15 KB
4 KB 288ms
287ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:08 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 029C 13 KB
4 KB 55ms
54ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40129
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c53a8e8d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 029C 6 KB
3 KB 265ms
265ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20JAPAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-166684469&@b3:1705795449&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d238a8cb53d07fbd67edb82e84f4e521be981e8860166541be0371be759ee59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
x-t: 0.257
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FFMbwCNajbjdmd%2By1ohzi%2BEi8NIUELcMZihI7DfWI4dGwYPbTQyWlbuWiINhMYtJAu%2BeRgg%2Bo6bn0uDD%2FomZjb9s%2F52EmODUAEJh9cXWvZlVAfc4Fb5C8HpS1zSdlGFHI5j5q3KSlf42g0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c539da26dc2-MIA
expires: Sun, 21 Jan 2024 00:04:08 GMT

GET

csx
s.thebrighttag.com/ Frame 7CC9
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=36798
https://s.thebrighttag.com/csx?tp=1YJNAYe

0
0

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame AFDB 85 B
483 B 63ms
63ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134897
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: DAVRmXvmPO4n173MjhN4k4rJ7_lSTzmoTGmXk54gyYKIXVBD5jbHuQ==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame AFDB 766 B
1 KB 62ms
61ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401253
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: tBmxM8EQ8Nj2ACPAPGy6-GLhpEpkL_T34T5yrPzPzTYVJEQlqtz2xg==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame FC7E 0
0 75ms
74ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=86726
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:09 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: Gs0_XmtX3BcG1S_2N5PeB7Hvpw3WfQKDz0LdNqBWu4JYSV5pcTkbYA==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 68AE 0
0 71ms
70ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=27822
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:09 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: fnVcH4RznOSuxkmNgT7sP4VfXIwzES5w-poUOZDsDtbhwF4Rv9ifgQ==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 9608 43 B
177 B 67ms
67ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:09 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame B9BF
Redirect Chain

https://um.simpli.fi/lj_match?r=36593
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

66ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:09 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:09 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 029C 230 B
529 B 33ms
32ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 029C 231 B
530 B 34ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 27E5 11 KB
5 KB 51ms
50ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39484
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c556bbcd9d5-MIA
content-length: 4547

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 029C 0
570 B 85ms
83ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F&r=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
x-t: 1.28
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlTDXQLQqdRYDNIO9a88M3lDUKFm5httSe6u9WgGaWaPLtZhQ21npw5XObZKaAmlPyMP95bBFLA106PSL8et92Vq3KMna8%2FP3iqvNzqKVt6TeCn1DMmVUbaMUgi21u5rYQfoapzSVoDWhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 848b4c559dba287a-MIA
expires: Sat, 20 Jan 2024 23:40:26 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 029C 33 KB
11 KB 72ms
71ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38450
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: DR1qRDTNmJrNMeozrg0kIQwyRx0X0Qkd2-D_TUrLqYybGzcjvCJvuQ==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 029C 2 KB
3 KB 68ms
68ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 029C 0
315 B 258ms
257ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=4&_ls=4&_cc=us&_pl=d&_b=chrome%40120&_cbid=4za5&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
x-t: 0.101
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k52Y%2Ff9rFapguyfdgjSSDfqfMxCcOKKf%2BB35MghDaBbC%2FUwT4jqcl7jM23gEJAOGaMshfWhoazSyA%2B7Ot0GPbQtqm%2BIULYBAHlg%2FY986JGlKDQFcDVPib0BP0rLwc9Uif50E8vsChagV8oc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c559fdf6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:08 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 2B48 0
0 70ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=9945
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:09 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: JyS-qyyVUhu6kReERLSeIV-L0PIInRaRL0tmYxi0q6xzUlMpbMlhFg==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 27E5 435 B
570 B 198ms
66ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:108378658&@b3:1705795449&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: bc92016452821960939643e008d184c29fb703819637a5c120994a15dea25451

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:09 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 029C 2 KB
2 KB 68ms
65ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.22058188801678336&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:09 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 029C 42 B
265 B 69ms
67ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-china%2F&event_source=dtscout&rnd=0.22058188801678336&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 029C 5 KB
2 KB 62ms
60ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2444
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: dpAhVM-OMgOIt6v6sbgZfF-b3xWgmLHEaZ9ZUMtE94P_nLanfGJEMg==

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 029C 167 B
581 B 76ms
75ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame E707 2 KB
1 KB 65ms
65ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.22058188801678336&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:09 GMT
Expires: Sun, 28 Jan 2024 00:04:09 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2

204

/
loadus.exelator.com/load/ Frame 613D
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=17462
https://loadus.exelator.com/load/?p=204&g=661&j=0

0
324 B

58ms
58ms

Image
text/plain

50.16.197.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=661&j=0
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H2
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

Location: https://loadus.exelator.com/load/?p=204&g=661&j=0
Date: Sun, 21 Jan 2024 00:04:09 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 27E5 22 KB
12 KB 51ms
50ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33292
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c579eb9d9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 27E5 6 KB
3 KB 263ms
263ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:108378658&@b3:1705795449&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 478aa38504fb3b61cb2d3e563aa61ca6370e3cc3e951a5002e0d855b0094d628

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
x-t: 0.232
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ouym9oNSuvcE95wziNrQC0FusrgicTUXsnM9h1Z4cvfWxsSy1nBRDQ%2B5T7LHFaIt%2FkvRKFnwF7ipMVuqUSATz5exF4afcdLl68mAFwp3tBKUd50AVd4ihqwNIpW5%2Fzx1EbNzpr7B%2BoZITzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c579a406dc2-MIA
expires: Sun, 21 Jan 2024 00:04:08 GMT

GET
H2

204

/
loadus.exelator.com/load/ Frame 83CD
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=95705
https://loadus.exelator.com/load/?p=204&g=661&j=0

0
324 B

62ms
56ms

Image
text/plain

50.16.197.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=661&j=0
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/
Protocol: H2
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

Location: https://loadus.exelator.com/load/?p=204&g=661&j=0
Date: Sun, 21 Jan 2024 00:04:09 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame FC5F 19 KB
9 KB 72ms
71ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:09 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:09 GMT

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 9C91 107 KB
13 KB 257ms
255ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:09 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 9C91 227 B
271 B 266ms
262ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:09 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 9C91 2 KB
374 B 266ms
262ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:09 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 9C91 28 KB
8 KB 266ms
263ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:09 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 9C91 3 KB
827 B 268ms
265ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:09 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 9C91 86 KB
29 KB 268ms
266ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:09 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 9C91 13 KB
5 KB 276ms
274ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:09 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 9C91 157 KB
26 KB 38ms
35ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370191
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 9C91 30 KB
7 KB 44ms
41ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465846
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c57ebb421d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 9C91 21 KB
8 KB 39ms
36ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041574
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 9C91 62 KB
16 KB 38ms
36ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:09 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489639
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 85D7 0
0 71ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=90148
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:09 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: V6F5zIzdTCgoppmSNQt_dv7dLapTr2SCFkQauua4TUNqp9lf8Ps33Q==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H3 200 7.png
zona-bermain.com/script/ Frame 9C91 24 KB
24 KB 258ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:09 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 9C91 25 KB
25 KB 269ms
267ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:09 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 9C91 25 KB
25 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 9C91 25 KB
25 KB 267ms
267ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 9C91 25 KB
25 KB 269ms
267ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 9C91 25 KB
25 KB 298ms
292ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 9C91 24 KB
24 KB 305ms
299ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 9C91 25 KB
25 KB 314ms
308ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 9C91 25 KB
25 KB 325ms
320ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 9C91 25 KB
25 KB 333ms
328ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H/1.1

200
OK

41715
i.liadm.com/s/ Frame B9BF
Redirect Chain

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=15553
https://sync.crwdcntrl.net/qmap?c=12611&tp=LVIN&gdpr=0&d=https://i.liadm.com/s/41715?bidder_id%3D127211&bidder_uuid=$%7Bprofile_id%7D
https://i.liadm.com/s/41715?bidder_id=127211

43 B
748 B

61ms
60ms

Image
image/gif

107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/41715?bidder_id=127211

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

HTTP/1.1

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:09 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:09 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://i.liadm.com/s/41715?bidder_id=127211
cache-control: no-cache
x-server: 10.40.61.154
content-length: 0
expires: 0

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame F059 85 B
483 B 63ms
63ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134898
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: yYqp3-VAV2prgPwzCDkIFv-o0AoHRTVGkMWP3S3iqjkCOZLlD-W5BA==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 9C91 43 B
182 B 212ms
70ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:10 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 9C91 3 KB
1 KB 342ms
338ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9C91 8 KB
2 KB 279ms
272ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9C91 6 KB
2 KB 283ms
277ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9C91 112 KB
34 KB 284ms
278ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 9C91 4 KB
2 KB 298ms
291ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H2

200

sync
thrtle.com/ Frame 7CC9
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://idsync.reson8.com/sources/pixel/v1/sync?sourcekey=01CH0ZM0TGKTWGX4FTB1AQA71H&userid=7db4e1ff-29b3-4658-93ec-a54ac0e6cd48
https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=51F3056B8EF2114EAF42108B90F46397

43 B
539 B

60ms
60ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=51F3056B8EF2114EAF42108B90F46397
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Sun, 21 Jan 2024 00:04:09 GMT
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:09 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: policyref=/static/w3c/p3p.xml, CP="DSP NON DEVo PSAo PSDo OUR BUS NAV COM STA UNI"
location: https://thrtle.com/sync?vxii_pid=5017&vxii_pdid=51F3056B8EF2114EAF42108B90F46397
cache-control: max-age=0, no-cache, no-store
cf-ray: 848b4c59ac506dcb-MIA
content-length: 0

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame FC5F 0
289 B 67ms
66ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795449431&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2Fpaito-warna-china%2F&qs=na&cc=US&cont=NA&evid=VNPVp0YAW4Y51FeIPOy_&urls=&rnd=1705795449687&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=122&bcnLcy=150

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:09 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:09 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame F059 766 B
1 KB 60ms
60ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401254
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: k9ObywoQvTRet8Wmo0aQoVmy-wcP3fI213DN8m3JgJ8y2-oVAE69ig==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 7AC4 43 B
748 B 63ms
63ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=16587

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:09 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 27E5 0
422 B 80ms
78ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
x-t: 0.94
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GDb1%2BTPltzVZQcpDdxP2nxK6lbWEvvWqSwC17VsEts%2Fq7l%2FdxdZOQNo59i9pSPbS5SLzYnurtXVMoVdesclieSweDXEW%2Fo1G7RNiw%2B%2BJKFozk7e06E31V7ByOMVYakscLvz6fWsimPXVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 848b4c597bec287a-MIA
expires: Sat, 20 Jan 2024 23:40:27 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 27E5 33 KB
11 KB 67ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38450
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: nTaqLsnEko1_MZtqu3wNmlEXDGNsXYWCXnoKfo2HBzMNi4NHbZoWfA==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 27E5 2 KB
3 KB 69ms
68ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 27E5 0
288 B 127ms
127ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=4&_ls=3&_cc=us&_pl=d&_b=chrome%40120&_cbid=4lmn&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
x-t: 0.198
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jR4N3EVJxi6AnAtE8dQ862jcEHidyWJFZ4LQBUt0%2Bdq4RO%2B%2FOdnCriSIL0iZNZ%2BEmGPoA8LvgVPjoLGvIFXx1dCNwGnBuTvhWGP5wIePHUjdPRqAYJnlHJhA4eOUR2iQO8P9fOow6R%2FYeTw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c597c426dc2-MIA
expires: Sun, 21 Jan 2024 00:04:08 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 9C91 11 KB
4 KB 53ms
50ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39484
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c59faacd9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 59DF 10 KB
2 KB 286ms
284ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:10 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 9C91 75 KB
76 KB 43ms
43ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52941
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c5a0e21497c-MIA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 27E5 2 KB
2 KB 66ms
65ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5620668939354307&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:09 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 27E5 42 B
265 B 73ms
73ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2F&event_source=dtscout&rnd=0.5620668939354307&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 27E5 5 KB
2 KB 62ms
62ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2444
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: a8Uv_MHZ04a13dlg8MjDSf22QO8G4y7f9PIbWcKSj9HN3gVnsGFQow==

GET
H3

200

/ Show response
zona-bermain.com/generate-bbfs/ Frame 4693
Redirect Chain

https://zona-bermain.com/generate-bbfs
https://zona-bermain.com/generate-bbfs/

96 KB
20 KB

522ms
521ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/generate-bbfs/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

858be89a3ea783d6bfd45ef5655038de9bb3100db6f7eaf5db736280940b71e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/prediksi-taiwan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:10 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/155>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=155>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:10 GMT
location: https://zona-bermain.com/generate-bbfs/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 9C91 436 B
571 B 208ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20TAIWAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:74118819&@b3:1705795450&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: b40c199ebf849324a001963864b6deffaca618617904dd9c99e5dcec4f29be68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:10 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 613D 0
140 B 114ms
112ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=64054&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CCA4842EFC394317919D5620B8A0D2F5 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXPci4L6OgyjgIfg7g==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 83CD 0
142 B 80ms
78ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=14724&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 2D86FA94CF65497F9E66844B092DA050 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXPclSGPhYzbgKLWXw==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 029C 43 B
177 B 71ms
70ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:10 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 27E5 167 B
580 B 73ms
72ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 3596 2 KB
1 KB 75ms
65ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.5620668939354307&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:10 GMT
Expires: Sun, 28 Jan 2024 00:04:10 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 9608 43 B
748 B 70ms
64ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=50369

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:10 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 5
Content-Type: image/gif

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame F21A 19 KB
9 KB 75ms
72ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:10 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:10 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame CDDB 0
72 B 71ms
67ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://king.laskar2d.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:10 GMT
content-length: 0
vary: Origin

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 59DF 15 KB
3 KB 287ms
287ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 9C91 18 KB
5 KB 255ms
255ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/prediksi-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:10 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 9C91 13 KB
4 KB 51ms
48ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40131
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c5c6ec7d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 9C91 6 KB
3 KB 262ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPREDIKSI%20TAIWAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:74118819&@b3:1705795450&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78665d0ac40194fb3ee33425f3abc78ea27db05f3a7d16e8e4fd20617870fad2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
x-t: 0.241
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eP8cMxy3%2BlnqJs7J71Is6r9ObXCF7Ax6%2ByNXQvEpL4UD%2FESW7YWjW3zn0fxE9ZbfUT%2FMrqOktzPFGuWAiwN0icH1n3QYgIhFQ5HXfkFzZC8QZ28oL3Jt44D4HDhUXiATgPCBdePPOmNtaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c5c6f7a6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:09 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 7AC4 0
142 B 91ms
88ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=62949&pu=https://zona-bermain.com/prediksi-cambodia/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FF5AE3A1B398442DBF6EAD2DAB766834 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXPgLPDg/nEyAqonXg==

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame F21A 0
289 B 93ms
92ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795450050&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2F&qs=na&cc=US&cont=NA&evid=vWPVp0YAFygVvU_5rxdI&urls=&rnd=1705795450289&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=106&bcnLcy=96

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:10 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame DEC6 0
72 B 68ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bolo.treksantuy.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:10 GMT
content-length: 0
vary: Origin

GET
H2

200

sync
thrtle.com/ Frame B9BF
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=7db4e1ff-29b3-4658-93ec-a54ac0e6cd48
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79

43 B
541 B

59ms
59ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Sun, 21 Jan 2024 00:04:10 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=fa46c0a5-b18e-4497-af0b-ad4dc5823d79
date: Sun, 21 Jan 2024 00:04:10 GMT
server: Kestrel
content-length: 199

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 59DF 11 KB
5 KB 47ms
47ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39485
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c5de90ed9d5-MIA
content-length: 4547

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 613D
Redirect Chain

https://um.simpli.fi/lj_match?r=11540
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

68ms
68ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:10 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:10 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 83CD
Redirect Chain

https://um.simpli.fi/lj_match?r=62676
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

69ms
69ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:10 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:10 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 9C91 230 B
529 B 33ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 9C91 231 B
530 B 33ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame DE01 0
0 69ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=48945
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:10 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: -cxUfVyTfTw1toNuhnJy_SQbq4uMqq-26NtV98vPLEgCs2IkV9vjog==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 9C91 0
454 B 79ms
78ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&r=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
x-t: 0.92
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSCdE1Kqg7dIrP9pNhe5XboI7ChGA6fDnD6hmlywWNLeOYuoYDlAmubGMZhRxtPHZSwmp9LjXZUxVvYrav7KljEFa2R89TKQ74X4eC2slXptwNC3u3RzEywVqM3WXL1rnYvO8xnamWu4vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 848b4c5e6c17287a-MIA
expires: Sat, 20 Jan 2024 23:10:22 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 9C91 33 KB
11 KB 67ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38451
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: DFbvtgl9iqMXXdMFQVX32Fs4vVXNtBnv9wq67mlFkeS7GfmiPeetkg==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 9C91 2 KB
3 KB 69ms
68ms Script
application/javascript 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 9C91 0
289 B 265ms
265ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=5&_ls=6&_cc=us&_pl=d&_b=chrome%40120&_cbid=3vt8&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
x-t: 0.09
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrOTFiqpQ4VsD7G1wxH4bIFSCnpjBYJiZ%2FceWnVtebxtlrdqH9CmQFbU1oxSq3D5kj7T1xExPXtCHaP0V3IJmddNB%2FYQuJT3cAFtTjlD0tdjb1t9XXz%2BR9LKebOWi7vbRjityIZEw3bgyLo%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c5e69b56dc2-MIA
expires: Sun, 21 Jan 2024 00:04:09 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 9608 0
142 B 77ms
76ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=22209&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:09 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 94206C90567D4AA395A7CEC6647B2BD6 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXPlTOewceq5VDxRrg==

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 59DF 435 B
570 B 198ms
66ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-131153494&@b3:1705795451&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: bc92016452821960939643e008d184c29fb703819637a5c120994a15dea25451

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:10 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 27E5 43 B
177 B 68ms
67ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:10 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 9C91 2 KB
2 KB 67ms
66ms Script
application/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.21657788835281022&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:10 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1364
Expires: Sun, 21 Jan 2024 01:04:10 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 9C91 42 B
265 B 68ms
67ms Image
image/gif 18.224.111.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fzona-bermain.com%2Fprediksi-japan%2F&event_source=dtscout&rnd=0.21657788835281022&exptid=ZGgABWWsX20AAAAIA2FBAw%3D%3D&fcmp=false

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.224.111.247 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-224-111-247.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:10 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 9C91 5 KB
2 KB 62ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2445
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 2gF1qh5WvqnrJemDFLLBIlAHvPHcwerCmdGzyhwymXbH0uhfUfRZkA==

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7AC4
Redirect Chain

https://um.simpli.fi/lj_match?r=71217
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

67ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:10 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:10 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 9C91 167 B
581 B 70ms
69ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 09CC 2 KB
1 KB 65ms
65ms Document
text/html 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.21657788835281022&stid=ZGgABWWsX20AAAAIA2FBAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Sun, 21 Jan 2024 00:04:10 GMT
Expires: Sun, 28 Jan 2024 00:04:10 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 59DF 22 KB
12 KB 50ms
49ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33293
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c602c33d9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 59DF 6 KB
3 KB 258ms
257ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-131153494&@b3:1705795451&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a02230c43ba29adf90f383a2f20ed218cd7f10aa375284a800d5c9ea517c95d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
x-t: 0.202
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqsArnb7sEPUIDdTFDqtdDbowZODIYIf8c8W6wk%2FBlyTYqYUp6pCL3pDMvuwtWapBgRC3Z39dlexd7EiPWFPyN5rMQx74UIg9NjS2bh6yTnt4rGE5hp5ohQM4jkVaMJFsc6uef%2BrjFVkj14%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c602c046dc2-MIA
expires: Sun, 21 Jan 2024 00:04:10 GMT

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23380/a/US/ Frame 88C9 19 KB
9 KB 72ms
72ms Script
text/javascript 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23380/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:11 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 4693 107 KB
13 KB 258ms
256ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 4693 227 B
271 B 262ms
260ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 4693 2 KB
374 B 263ms
260ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 4693 28 KB
8 KB 263ms
261ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 4693 3 KB
827 B 266ms
263ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 4693 86 KB
29 KB 266ms
264ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 4693 13 KB
5 KB 279ms
277ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 4693 157 KB
26 KB 36ms
33ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:11 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370192
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 4693 30 KB
7 KB 45ms
43ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465848
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c61387721d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 4693 21 KB
8 KB 39ms
37ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:11 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041576
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 4693 62 KB
16 KB 37ms
35ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:11 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489640
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 jquery-1.10.2.min.js
zona-bermain.com/js/ Frame 4693 0
0 491ms
490ms Script
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/js/jquery-1.10.2.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
server: LiteSpeed
x-powered-by: PHP/8.2.14
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 4693 24 KB
24 KB 276ms
275ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 4693 25 KB
25 KB 262ms
261ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 4693 25 KB
25 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 4693 25 KB
25 KB 303ms
302ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 4693 25 KB
25 KB 258ms
256ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 4693 25 KB
25 KB 294ms
292ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 613D 43 B
748 B 62ms
61ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=35951

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:11 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 71BC 85 B
482 B 62ms
61ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134900
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: cz4mfxLi0z147pUxULlOdZ6SPDepitCLz_DmQ3lIWT_jttQMxPMDoQ==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 83CD 43 B
749 B 77ms
76ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=20473

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:11 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 15
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 7FFA 85 B
482 B 61ms
61ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134900
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: fPIXw1rQfhCr0tS175aaYIDmcT9HHQQ1G_-Jkcp9pXPLQCwUk3LW9A==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 029C 43 B
748 B 68ms
67ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=85053

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:11 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 8
Content-Type: image/gif

GET
H3 200 1.png
zona-bermain.com/script/ Frame 4693 24 KB
24 KB 295ms
293ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 4693 25 KB
25 KB 295ms
293ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 4693 25 KB
25 KB 297ms
295ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 4693 25 KB
25 KB 299ms
297ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 88C9 0
289 B 66ms
66ms Image
text/plain 23.44.203.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGgABWWsX20AAAAIA2FBAw%253D%253D&tt=t.dhj&dhjLcy=1705795450849&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23380&ell=d&cck=__stid&dmn=zona-bermain.com&pn=%2Fprediksi-japan%2F&qs=na&cc=US&cont=NA&evid=KjPVp0YAKH3s5OS2ZKTG&urls=&rnd=1705795451084&cid=c010&version=1.1268.23380&cc=US&cont=NA&cls=C&repeat=0&htmLcy=88&bcnLcy=124

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.44.203.90 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-44-203-90.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23380&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:11 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Sun, 21 Jan 2024 00:04:11 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9608
Redirect Chain

https://um.simpli.fi/lj_match?r=50115
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

87ms
87ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:11 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:11 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 71BC 766 B
1 KB 61ms
61ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401256
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: o6eh7z1Y4uuw5LJYPrugKJNq9pLWaGGd75VnToqSkvvN3JssxXEHWg==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 7FFA 766 B
1 KB 62ms
61ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401256
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: NVfboI9cZJEpe9SzJ23A8dticrOA7TJPMKUM2vec0Vzp_yP5WOvDyQ==

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 4693 43 B
182 B 199ms
66ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:11 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 4693 3 KB
1 KB 292ms
291ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 4693 8 KB
2 KB 264ms
261ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 4693 6 KB
2 KB 264ms
261ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 4693 112 KB
34 KB 346ms
343ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 4693 4 KB
2 KB 277ms
275ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 59DF 0
439 B 81ms
79ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
x-t: 0.81
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEocKfjFtAAMhNrkdV9YiOdperWc%2BtGQ%2BWIioIdsFTM9pDgYMwbN0W7pCxIFhJ0wT2TyrG3pemWncfp3D6SWJ%2FAn7LwiTtQOWf7HwKLvskY9A8Qmt2OnUhK852uYQvhCleAdNMgGXxtKZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 848b4c622adf287a-MIA
expires: Sat, 20 Jan 2024 21:44:01 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 59DF 33 KB
11 KB 68ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38452
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: lVAbSa89JwykmxjroD9J5z5hRodkrSJhrxoW0e4pBO4pV3wZUk4BUg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 59DF 0
378 B 264ms
262ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=5&_ls=4&_cc=us&_pl=d&_b=chrome%40120&_cbid=48tm&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
x-t: 0.103
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaZCdaICmuOK6VQfeEWtKLPeLmN4BZtngU%2B7mz7FZK%2FG69da7PIgAT8fZvpYQe4XrguguSRQA1QYfOkQk%2B5aPTNViJZhzT6M5rC%2BTFI%2FrjbYL78t1xt5ULaU3CIPvsXOSQZr57EQLmtkb08%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c622e946dc2-MIA
expires: Sun, 21 Jan 2024 00:04:10 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 6071 0
0 70ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=4116
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:11 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: NmNk5C5Fb8OPD7zdGIeGLujFe7Hlrj2P3Gk3-DjTEPUSLiLjjvZWww==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 59DF 5 KB
2 KB 62ms
60ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2446
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: dkEtAg93nlYQG-FDv2M6xfGKXSXH0sH7SoSrY2vFnwxuOwpwMYbR3g==

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 7AC4 43 B
748 B 64ms
63ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=52630

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:11 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame EBA9 85 B
482 B 61ms
61ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134900
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: J7qfGFn8MLPguHcpDfj0YybYoy9LJmSwcOxZUP7FFZ8W911QgsbG_g==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame EBA9 766 B
1 KB 64ms
63ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401256
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: fYWHfBJBK5o5LRFXChbQ8Aufv6ZAIpH-fDU3V6ZnOEMNqP8S_fNRGg==

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 59DF 167 B
580 B 67ms
67ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 9C91 43 B
177 B 71ms
71ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:11 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 029C 0
142 B 77ms
76ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=96353&pu=https://zona-bermain.com/paito-warna-china/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:10 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 268ED65CBB89465BBE6FF414D8D1DA03 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXP0LDYrEdzIE/CY4w==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 4693 11 KB
5 KB 44ms
43ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39486
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c649b45d9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame C491 10 KB
2 KB 280ms
280ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:11 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 4693 75 KB
76 KB 40ms
40ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52943
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c64ac89497c-MIA
cdn-requestpullsuccess: True

GET
H3

200

/ Show response
zona-bermain.com/live-china/ Frame 5945
Redirect Chain

https://zona-bermain.com/live-china
https://zona-bermain.com/live-china/

94 KB
20 KB

575ms
574ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/live-china/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

19f1c7426b80f7645ee2665683d160a64d5ae115b427112473021d04c2fad3b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/generate-bbfs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:12 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/274>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=274>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:12 GMT
location: https://zona-bermain.com/live-china/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 9608 43 B
748 B 62ms
62ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=77790

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:11 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 874B 85 B
482 B 61ms
60ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134900
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: dC66lJtmw6CinOGseujzoZgShU5iahDmq2LDLWYqq3BmIdsWfWRhtQ==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 4693 436 B
571 B 203ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20BBFS%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-106169236&@b3:1705795452&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: b40c199ebf849324a001963864b6deffaca618617904dd9c99e5dcec4f29be68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:11 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 4693 18 KB
5 KB 256ms
255ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:11 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 27E5 43 B
748 B 62ms
62ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=12266

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:11 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 874B 766 B
1 KB 62ms
61ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401256
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: WoEB_J49jqp052tF7LjsO1t5hNs8pDjx9dLp3d1ksh8gYMZSLaYvcg==

GET
H2

200

sync
thrtle.com/ Frame 613D
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://cms.analytics.yahoo.com/cms?partner_id=THROTLE
https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE
https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-lzxAIbNE2oT7VWT5C0g.O0B07MeVhuxvE5VKtg--~A

43 B
543 B

60ms
60ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-lzxAIbNE2oT7VWT5C0g.O0B07MeVhuxvE5VKtg--~A
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Sun, 21 Jan 2024 00:04:12 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-lzxAIbNE2oT7VWT5C0g.O0B07MeVhuxvE5VKtg--~A
date: Sun, 21 Jan 2024 00:04:11 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
thrtle.com/ Frame 83CD
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://cms.analytics.yahoo.com/cms?partner_id=THROTLE
https://ups.analytics.yahoo.com/ups/58691/cms?partner_id=THROTLE
https://thrtle.com/sync?vxii_pid=5038&vxii_pdid=y-lzxAIbNE2oT7VWT5C0g.O0B07MeVhuxvE5VKtg--~A
https://pixel-sync.sitescout.com/connectors/throtle/usersync?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D14%26_t%3D1705795452
https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553&vxii_ts=14&_t=1705795452

43 B
542 B

61ms
60ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553&vxii_ts=14&_t=1705795452
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-cambodia/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Sun, 21 Jan 2024 00:04:12 GMT
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:11 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553&vxii_ts=14&_t=1705795452
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame C491 15 KB
3 KB 287ms
287ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:12 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 4693 13 KB
4 KB 64ms
63ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40132
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c66ce1fd9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 4693 6 KB
3 KB 266ms
266ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20BBFS%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-106169236&@b3:1705795452&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a985beadac8b7f43837b157e4c219376f272f59ba48584b069f5b4676c53a45

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
x-t: 0.214
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DdtIkfp0MYexw1QeHANnvbshv66qQeHYlmsH0MLGZ%2BrV%2BfK8DTOnNDktHuok3CXUib%2FYr0wLqEOso7IeuptxPfA3QVuY0VuflrbcIoGco%2Fa17%2BrZixvMCRDSun7pOqClOJYYgJLC6uPyOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c66cd686dc2-MIA
expires: Sun, 21 Jan 2024 00:04:11 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 55FB 0
0 69ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=25574
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:12 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: kvhMAuy4qMKprUZVn1RI4jKaCxNtIthrTSVfFaFIvsqPrP1TGp7-hw==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 4693 230 B
529 B 34ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 4693 231 B
530 B 34ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 59DF 43 B
177 B 69ms
69ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:12 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 029C
Redirect Chain

https://um.simpli.fi/lj_match?r=57840
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

67ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:12 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:12 GMT

GET
H2

204

sync
thrtle.com/ Frame 7AC4
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://pixel-sync.sitescout.com/connectors/throtle/usersync?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5026%26vxii_pdid%3D%7BuserId%7D%26vxii_ts%3D14%26_t%3D1705795452%26_reach%3D1
https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553&vxii_ts=14&_t=1705795452&_reach=1

0
468 B

59ms
59ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553&vxii_ts=14&_t=1705795452&_reach=1
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:11 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://thrtle.com/sync?vxii_pid=5026&vxii_pdid=49c0b9de-e1d3-49be-9005-72cadc6c3c81-65ac5f77-5553&vxii_ts=14&_t=1705795452&_reach=1
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame C491 11 KB
5 KB 48ms
47ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39487
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c68888dd9d5-MIA
content-length: 4547

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 4693 0
455 B 78ms
77ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&r=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
x-t: 1.39
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vVyaUqXTzEcy8HQzeeoD49LEXq6xY1c1v4fafWrQG04qvwTeTRpoMdjaI5kT8QWz66akrz8E%2FNxeMPDOTWsAv3YInGKtNGYkNGC4Z5XzjFx67KSu4Qzf3D2wS2tc0h4NUbqzcBzjGQEzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 848b4c68cf06287a-MIA
expires: Sun, 21 Jan 2024 00:01:59 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 4693 33 KB
11 KB 69ms
68ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38453
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: sWjZgRz4ELjq3GPD1t5HhUhdarKRnUP10tkMsWGySETVS_LshbE_yg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 4693 0
280 B 261ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=6&_ls=7&_cc=us&_pl=d&_b=chrome%40120&_cbid=29x1&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&j=https%3A%2F%2Fzona-bermain.com%2Fprediksi-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
x-t: 0.099
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cLCY9Rm5iWOVsBWi34EYwUhcRmx103zOqgM86BlDC6rO8qmPJVG7QBLttQqi2RTf7h1GKkM2T84rifSmWvBuAxJEcaX70pLhWZaIirfZxop4kzSVtUlVrlV6MvSMWSLX7IrdTiqcCwDOhQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c68c8276dc2-MIA
expires: Sun, 21 Jan 2024 00:04:11 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 27E5 0
141 B 90ms
89ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=67712&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:11 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4286B8CAA4F64062883E8C44B4CE65A6 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:12Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXP/H/hYJGt83gSutw==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame A954 0
72 B 69ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rtx.dudasoleh.lol/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:12 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame C491 434 B
569 B 205ms
67ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-62662416&@b3:1705795452&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: c8711e7fec7fc7124b43cc2cc5f6594852be5ea8548fa99b37ae4d91a1b3d4c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:12 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 4693 5 KB
2 KB 63ms
62ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2447
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: gAI1drimPRWi2-cMcvNxX2HHmg9FN2nEZBoAgE5SNIUZPrmrNsDY4Q==

GET
H2

204

sync
thrtle.com/ Frame 9608
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://sync.crwdcntrl.net/map/c=10835/tp=ALCT/tpid=/gdpr=0/gdpr_consent=?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5003%26vxii_pdid%3D%24%7Bprofile_id%7D%26vxii_ts%3D16%26_t%3D1705795452%26_rea...
https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=ab64fa0e90b9b1997c07960e3f815611&vxii_ts=16&_t=1705795452&_reach=1

0
468 B

60ms
59ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=ab64fa0e90b9b1997c07960e3f815611&vxii_ts=16&_t=1705795452&_reach=1
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-china/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://thrtle.com/sync?vxii_pid=5003&vxii_pdid=ab64fa0e90b9b1997c07960e3f815611&vxii_ts=16&_t=1705795452&_reach=1
cache-control: no-cache
x-server: 10.40.58.104
content-length: 0
expires: 0

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 4693 167 B
581 B 66ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 9C91 43 B
748 B 62ms
61ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=42388

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:12 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame C491 22 KB
12 KB 47ms
46ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33295
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c6acbb8d9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame C491 6 KB
3 KB 260ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-62662416&@b3:1705795452&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97905a741cdb2fabb520b4a74056fbf405a508109b91da2f9fed2b4fdd5664b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
x-t: 0.239
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1uG5vo05KxuAZ9M8GJsVF3XRp08uKrsIkwzccuxrJtObdOWadvvOhhgb9YC7tBa5jceOCNYxbL58Nf1GDArZFnxuLNMGWCfVFWWppWZ%2Fk7MU4dFvduUkD1ACbo04FaOEhiYgoNIqlOl2Vw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c6abad26dc2-MIA
expires: Sun, 21 Jan 2024 00:04:11 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 66FC 0
0 70ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=53469
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:12 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: rWzeyRtkPT3nrW576951RMvrZgmOqPlN8DFFAPGel7JC-Krtam68ow==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 029C 43 B
748 B 62ms
61ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=18217

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:12 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 3333 85 B
480 B 61ms
60ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134901
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: 2iLw8cir6Ti1a3mSuBdDtmnQz5vGyWEr_9L4mOLsdl0Fd05Kgo34Sg==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 3333 766 B
1 KB 61ms
60ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401257
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: l8Y4O7gPngbSo3mEHrZwdwW8MtCDFfO1wnXi5NkGGGgOooIpOnXUbg==

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 5945 107 KB
13 KB 264ms
263ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:12 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 5945 227 B
271 B 269ms
267ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:12 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 5945 2 KB
374 B 270ms
267ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:12 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 5945 28 KB
8 KB 270ms
268ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:12 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 5945 3 KB
827 B 291ms
289ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:12 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 5945 86 KB
29 KB 291ms
289ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:12 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 5945 13 KB
5 KB 292ms
290ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:12 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 5945 157 KB
26 KB 35ms
33ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370194
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 5945 30 KB
7 KB 43ms
42ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465849
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c6bb91c21d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 5945 21 KB
8 KB 37ms
36ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041578
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 5945 62 KB
16 KB 37ms
36ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:12 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489642
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 7.png
zona-bermain.com/script/ Frame 5945 24 KB
24 KB 260ms
260ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:12 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 5945 25 KB
25 KB 262ms
262ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:12 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 5945 25 KB
25 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 5945 25 KB
25 KB 265ms
264ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 5945 25 KB
25 KB 259ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 5945 25 KB
25 KB 268ms
263ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 5945 24 KB
24 KB 460ms
455ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 5945 25 KB
25 KB 462ms
457ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 5945 25 KB
25 KB 463ms
459ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 5945 25 KB
25 KB 462ms
459ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 5945 43 B
182 B 199ms
66ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:13 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 5945 3 KB
1 KB 337ms
336ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 5945 8 KB
2 KB 268ms
262ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 5945 6 KB
2 KB 268ms
262ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 5945 112 KB
34 KB 270ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 5945 4 KB
2 KB 458ms
453ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 27E5
Redirect Chain

https://um.simpli.fi/lj_match?r=37396
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

68ms
67ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:12 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:12 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame C491 0
297 B 81ms
79ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
x-t: 1.03
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df%2BwT0w594e4L2jDTM2laW2s36xG%2FAn8K8ReDRQWfqugX%2FD2VB3n%2F2UdrfEuP1HGCwPdaIQV8oBkDxp%2Bcq8HZv7Lf%2B%2BbM%2FoAZs%2FrIDGhnKX%2FPK41lnLkrSuss3xS9ZlSiwRd%2BFhmEldX5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 848b4c6c9dc7287a-MIA
expires: Sun, 21 Jan 2024 00:01:59 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame C491 33 KB
11 KB 68ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38453
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: ONhu2fULqF8kMZbdpBAaLU3H5jluSaG7ndbP5UljS0dKijXmehdGOw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame C491 0
330 B 258ms
257ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=6&_ls=6&_cc=us&_pl=d&_b=chrome%40120&_cbid=6e8h&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
x-t: 0.092
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdsSF%2FKcqxy4WQsooycLJbr7JoW223I6E9pXlFy%2B39ff3B128dRIHlViHtraLsrTF7cjwJfg01rIvVMimtumTwB3mBYBCMxS66ruxmwOJGyB6zCojK%2F1jAw6wWxwf1iSJyYuz%2F59sWEWmj8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c6c9d5a6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:12 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame C491 5 KB
2 KB 62ms
62ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2448
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: jOgcUAspRvlAWqBH5hV2dvklbzcAS5_nA3fc_KmXSJTMJQpdqYbBMA==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 9C91 0
142 B 80ms
79ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=51331&pu=https://zona-bermain.com/prediksi-japan/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B66E03F38AE14C2D82A21751CEF493BC Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXQK0lcjXNUYqkdPsw==

GET
H2 200 livechina.php Show response
w1.bungaprediction.com/ Frame 830B 855 B
791 B 1659ms
327ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/livechina.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

6da55789d39fc24c0fcef28e6fca1f32988c00cb0aadab8df57a5ee3395f8830

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 415
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:14 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 5945 75 KB
76 KB 44ms
44ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52945
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c6e0aeb497c-MIA
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5945 11 KB
5 KB 45ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39488
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c6e1854d9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 1D26 10 KB
2 KB 281ms
280ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:13 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 59DF 43 B
748 B 66ms
65ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=92271

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:13 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 5
Content-Type: image/gif

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame C491 167 B
580 B 67ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H3

200

/ Show response
zona-bermain.com/live-sydney/ Frame D4AA
Redirect Chain

https://zona-bermain.com/live-sydney
https://zona-bermain.com/live-sydney/

95 KB
20 KB

559ms
558ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/live-sydney/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

e28e015eeb5054af0819dfc34a2b778dfb1dd67d04d939e431c59c154cd8cd12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/live-china/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:14 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/249>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=249>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:13 GMT
location: https://zona-bermain.com/live-sydney/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 4693 43 B
177 B 67ms
67ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:13 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 12FE 0
72 B 68ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://markas-prediktor.info/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:13 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 5945 436 B
571 B 204ms
67ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20CHINA%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:76048698&@b3:1705795453&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Flive-china%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: b40c199ebf849324a001963864b6deffaca618617904dd9c99e5dcec4f29be68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:13 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 27E5 43 B
749 B 73ms
72ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=23412

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:13 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 12
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 7707 85 B
483 B 63ms
62ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134902
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: SmKHSLLzx7RvEFlC8zA8NL5CAPsnXSs20_4w-l4L7yJS3BNJF0XuhQ==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 1D26 15 KB
3 KB 290ms
289ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H2

204

sync
nlsn.thrtle.com/ Frame 029C
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://thrtl.redinuid.imrworldwide.com/thrtl?url=https%3A%2F%2Fnlsn.thrtle.com%2Fsync%3Fvxii_pid%3D5036%26vxii_ts%3D18%26_reach%3D1
https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=9c335d30-b7f0-11ee-ab35-159b86e69bdf

0
469 B

94ms
60ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=9c335d30-b7f0-11ee-ab35-159b86e69bdf
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

location: https://nlsn.thrtle.com/sync?vxii_pid=5036&vxii_ts=18&_reach=1&puid=9c335d30-b7f0-11ee-ab35-159b86e69bdf
date: Sun, 21 Jan 2024 00:04:13 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
content-length: 0

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 7707 766 B
1 KB 62ms
62ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401258
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: Lla-OfUiIy0ID67qC_YU_ynA8WG9rqKDionjKc38xfNAD6hqJ3CMVw==

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 5945 13 KB
4 KB 46ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40134
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c709c57d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 5945 6 KB
3 KB 260ms
259ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20CHINA%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:76048698&@b3:1705795453&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Flive-china%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7d7587027d68dc9103d5e5dd4154cad74effffdbacb4bb835d46818756e928e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
x-t: 0.213
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nq9RjNjt11Jja5SEg5v4Y4eNo0rAy9Y47F2DVi4hKXJ8w82NAlSuhbTNOSe0bHJqEwcTMmMuxNbgE4pNoUEFWAXk%2BWjU7C8kLd%2F3h0seC7NxyRt6UBcTqJ1EsMErcxm0tgGRWBWK3lIb%2BZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c709ac56dc2-MIA
expires: Sun, 21 Jan 2024 00:04:12 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 2D22 0
72 B 69ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://raja.hoki2d.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:13 GMT
content-length: 0
vary: Origin

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 9C91
Redirect Chain

https://um.simpli.fi/lj_match?r=17151
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

70ms
68ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:13 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:13 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:13 GMT

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 5945 18 KB
5 KB 257ms
257ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-china/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:13 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 59DF 0
141 B 77ms
77ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=98220&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:12 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 52636B5100D24AE09441BC32AD653A84 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:13Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXQTd6RNRBIegaJd0w==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 186F 0
0 70ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=97383
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:13 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: 01tLoH3W0IgQNnpwCENg5VOmRqnDzZMGZQCaDi3PT2g3up3Wu4ze3g==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 1D26 11 KB
4 KB 46ms
46ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39488
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c720f04d9d5-MIA
content-length: 4547

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame C491 43 B
177 B 68ms
67ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:13 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 5945 0
561 B 85ms
84ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Flive-china%2F&r=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
x-t: 1.28
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBTEOMGTeJv%2Bvxw3TxxkdOSP9GcS%2Fg3UJ26ZhpDyMSR5qhebikEYnQueCOLt89%2F0qSCVPs4nHe6mdPRieqD1AM5JX2btfywzmwBcL84EDqzJ5wgI4M%2FA%2BtnXx1uvNwhp8H7uzV4kD4bcFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 848b4c727927287a-MIA
expires: Sat, 20 Jan 2024 23:10:25 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 5945 33 KB
11 KB 66ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38454
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: DLAg7GIGBv0Ec4kYS2lSM_B7-g2Aj-knJKx1Jsmx3HYbW8dI9LmSag==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 5945 0
340 B 261ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=7&_ls=9&_cc=us&_pl=d&_b=chrome%40120&_cbid=39mj&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-china%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
x-t: 0.082
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9z1Z6SgDmrmOITjaRqb5C%2BeYk5KrNWSfk6P1m5iAlsp4ckVsvbh0uuk8qLIVTUpw0%2Bw3fy4xwnlT1qV5TCVqtECqYpqzzLIoSsu9YwAXfA3gfDggK%2B%2F99HGjSIvWgKPKD%2BjGle9MVPScCyc%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c727cc16dc2-MIA
expires: Sun, 21 Jan 2024 00:04:13 GMT

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 1D26 434 B
569 B 208ms
69ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-134518592&@b3:1705795454&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: c8711e7fec7fc7124b43cc2cc5f6594852be5ea8548fa99b37ae4d91a1b3d4c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:14 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 5945 230 B
529 B 34ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 5945 231 B
530 B 34ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 5945 5 KB
2 KB 62ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2448
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: hhEhPO8uakXLVh9pkZEXCr0wxl9-kN9nJLLztuZZxPfmrxJj1fhHhA==

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 5945 167 B
581 B 66ms
65ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 1D26 22 KB
12 KB 46ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33297
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c745a7ed9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 1D26 6 KB
3 KB 260ms
259ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-134518592&@b3:1705795454&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa8c7373d2f717b45fde2355d085cdc33d70c08d5e5672a67b29a11b2935ad68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
x-t: 0.228
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vrb55bvhzpRqVkknd7kJOpIFm%2BuZkvMKI6HjJoaKvX5V9Ubs7iDtjY6ydfawv%2BT%2Bx5SgFIYPjdT6Jb5zlprrGkBPQnQ02bodSQ8d0YnlkH39pgU05eC1R8hGTvt%2F6ZLpQTyAJdtfFYMWs50%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c745eae6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:13 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 9C91 43 B
748 B 62ms
61ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=82985

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame B4B2 85 B
483 B 62ms
61ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134903
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: eglYryJKjhOTxevz_3UFRrJyK-Zsj8czjGwnThJt1_NpNjOPLR7eng==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 59DF
Redirect Chain

https://um.simpli.fi/lj_match?r=53193
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

69ms
68ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:14 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:14 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:14 GMT

GET
H2

200

sync
thrtle.com/ Frame 27E5
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://loadm.exelator.com/load/?p=204&g=1133&j=0
https://loadm.exelator.com/load/?p=204&g=1133&j=0&xl8blockcheck=1
https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=561b135810ef8614dae49e16cd8ed3c1

43 B
546 B

59ms
59ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=561b135810ef8614dae49e16cd8ed3c1
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-japan/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Sun, 21 Jan 2024 00:04:14 GMT
content-length: 43
content-type: image/gif

Redirect headers

date: Sun, 21 Jan 2024 00:04:14 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://thrtle.com/sync?vxii_pid=5007&vxii_pdid=561b135810ef8614dae49e16cd8ed3c1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame D4AA 107 KB
13 KB 256ms
255ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame D4AA 227 B
271 B 264ms
262ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame D4AA 2 KB
374 B 265ms
263ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame D4AA 28 KB
8 KB 266ms
264ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame D4AA 3 KB
827 B 268ms
266ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame D4AA 86 KB
29 KB 268ms
267ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame D4AA 13 KB
5 KB 276ms
275ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame D4AA 157 KB
26 KB 34ms
32ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370195
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame D4AA 30 KB
7 KB 52ms
51ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465851
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c751e2f21d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame D4AA 21 KB
8 KB 35ms
34ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041579
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame D4AA 62 KB
16 KB 35ms
34ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:14 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489643
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame B4B2 766 B
1 KB 62ms
62ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401259
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: YEJft1A-bTn6tL1ZpxF2ju_ayrC6yGa6BMjLcO3erUZvCWfBBjKg-Q==

GET
H3 200 7.png
zona-bermain.com/script/ Frame D4AA 24 KB
24 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 266ms
265ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 255ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 258ms
258ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 257ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 284ms
279ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame D4AA 24 KB
24 KB 294ms
290ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 304ms
301ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 315ms
312ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 326ms
322ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 4693 43 B
748 B 62ms
61ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=23305

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 76DB 0
0 71ms
71ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=63792
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:14 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: 2b3kuwrbQyesel-pFtGSHnw1GFgMivkuJNJC4UwGb6Brr1LS8N1KXA==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame D4AA 43 B
182 B 204ms
67ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:14 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame D4AA 3 KB
1 KB 334ms
331ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame D4AA 8 KB
2 KB 267ms
263ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame D4AA 6 KB
2 KB 269ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame D4AA 112 KB
34 KB 269ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame D4AA 4 KB
2 KB 283ms
279ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 1D26 0
454 B 86ms
85ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
x-t: 1.15
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8XuPTGzzLBnlajNijWws17bt6FMUCWtOst6Y7NQQkkj6b97laIbILvTto3dLhDIF6k9VXIUVrJkMCh2PxE8mpoAxWscA71JQcU8BeKiW1wU6e7LVvnrsZFsQYZoydZvJjyV4awrI3BpIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 848b4c765ff6287a-MIA
expires: Sun, 21 Jan 2024 00:04:45 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 1D26 33 KB
11 KB 67ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38455
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 0tTu_22o72AD9HxkrlkfZlecRlIRBd-gKLKiyObk74tzidNr1qzJDQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 1D26 0
301 B 261ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=7&_ls=7&_cc=us&_pl=d&_b=chrome%40120&_cbid=6gqy&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
x-t: 0.08
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CdTKcKil6dNHEaNJ1u9CKwASnlfAYRP382H4xKzW3pcoR8giq2%2FJuoKRCOBPCVFeqc2UYrSp4nVXDoynHy7YGOgPJ2YSc5Bxl%2FXEUzAgErKDACBd9Tok7dcdjYXGvnF5ftpb%2BlBl8e%2FpZA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c7669966dc2-MIA
expires: Sun, 21 Jan 2024 00:04:13 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 1D26 5 KB
2 KB 65ms
64ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2449
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: yAX-qCKsPQarNfs3vdM-jK1BnOXpCnhmEhjruj1p042ywePQeNX7lw==

GET
H2 200 livesydney.php Show response
w1.bungaprediction.com/ Frame 7D6E 1 KB
558 B 330ms
328ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.bungaprediction.com/livesydney.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/8.1.27

Resource Hash

6103421bd04418c028aca18be8a8bdcdec1a4adb5ddf55d4df7b1a1b8091cfb2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 515
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:14 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.27

GET
H3 200 3.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 333ms
331ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 343ms
341ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 354ms
352ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame D4AA 75 KB
76 KB 41ms
41ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52946
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c777816497c-MIA
cdn-requestpullsuccess: True

GET
H3 200 8.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 328ms
327ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame D4AA 24 KB
24 KB 339ms
337ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 355ms
354ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 359ms
357ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame D4AA 25 KB
25 KB 368ms
366ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame D4AA 24 KB
24 KB 377ms
376ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:14 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame D4AA 11 KB
5 KB 46ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39489
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c779f60d9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame F1D5 10 KB
2 KB 280ms
280ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:14 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3

200

/ Show response
zona-bermain.com/jalur-shio/ Frame 36DE
Redirect Chain

https://zona-bermain.com/jalur-shio
https://zona-bermain.com/jalur-shio/

98 KB
20 KB

547ms
546ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/jalur-shio/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

e1c033fb24dbcdc0dc5d1acf1441bf18771adeea22bc5ad423f1cba47d68b72d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/live-sydney/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:15 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/293>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=293>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:15 GMT
location: https://zona-bermain.com/jalur-shio/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 59DF 43 B
748 B 72ms
72ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=64291

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame B701 85 B
482 B 61ms
60ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134903
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: nLDPaKUrr2uFlJfgFgcS6V2sLOTHUGfoeLQQFXD6l0VedoA6YgfSZQ==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 5945 43 B
177 B 68ms
67ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:14 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 1D26 167 B
580 B 72ms
72ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame D4AA 436 B
571 B 211ms
69ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20SYDNEY%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Flive-china%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:96471212&@b3:1705795455&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 1381418b1f1f64506dd2a5df168d83b148facfc6a2143a24c8969712bfb9b6e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:14 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame B701 766 B
1 KB 60ms
60ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401259
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: vBst8zOdTbXT-r9h340TECoaTvTwMn7nBc2Nd5YLP8KzDlgI7csWCA==

GET
H2 200 live-draw-china.php Show response
rankcrack.com/ Frame A23C 651 B
771 B 1075ms
790ms Document
text/html 2606:4700:3036::ac43:84f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/live-draw-china.php
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livechina.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fb574ba0087738e2662388a3f51043e2d9010322bc48390a0a34e1ce588fcac

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c7a4f6d4962-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDahJrETyMEZxiAhiIfdVXtU01XmviDjXQvZZ7WXnAh%2FKwxns9FJdLt2zylDlKSFni6XMd9E20Ru%2Bg75qDyh74ryReWGGYL%2BeZRLDVry758WatVS35VGoZ7uMhGZ9xszX5OqXEw5UPLm6R9d"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 830B 11 KB
4 KB 46ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livechina.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39489
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c7888dbd9d5-MIA
content-length: 4547

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 4693 0
141 B 77ms
77ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=14698&pu=https://zona-bermain.com/prediksi-taiwan/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1817C3511DA64C45BA49D01654357F8A Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXQlNmbOeNWWHUmLVg==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame C491 43 B
748 B 65ms
64ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=53873

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:14 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H/1.1 200
OK 4585452.php Show response
s4.histats.com/stats/ Frame 830B 435 B
570 B 203ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:-67832640&@b3:1705795455&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: cde7706a94ea59cdabf47cefabad4419ecdf0973ab6f66f3857bc54641131ed9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:15 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame F1D5 15 KB
3 KB 287ms
287ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:15 GMT

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame D4AA 18 KB
5 KB 259ms
259ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/live-sydney/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:15 GMT

GET
H2 200 / Show response
opesia.vip/iframe-live/livesydney2.php/ Frame 5162 3 KB
1 KB 777ms
666ms Document
text/html 2606:4700:3036::6815:5f47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opesia.vip/iframe-live/livesydney2.php/
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livesydney.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5f47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28dbb8fadd06f596bb80ad03c70f1c80f2b16a9fd0b2ad17414335a16b525cd7

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 848b4c7a4cd3daa3-MIA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zv9S06GjBpWithA90suWB27t5LYMtQkNKXOo50GnAbVoa%2BuTi6vCCfE%2FK4MBEI%2F3Axw7hA4GxBwrsDKlIn53jp%2B%2FJyM5Qh8wVWtEcLumffd2QBwWsadQy%2BU60OaS6yRUG74k%2BtmRcn4%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 7D6E 11 KB
4 KB 45ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: w1.bungaprediction.com
URL: https://w1.bungaprediction.com/livesydney.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39489
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c79aa30d9d5-MIA
content-length: 4547

GET
H2

204

sync
thrtle.com/ Frame 9C91
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://a.tribalfusion.com/i.match?p=b31&redirect=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5042%26vxii_pdid%3D%24TF_USER_ID_ENC%24%26vxii_ts%3D22%26_t%3D1705795455%26_reach%3D1&u=7db4e1ff-29b3-...
https://s.tribalfusion.com/z/i.match?p=b31&redirect=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5042%26vxii_pdid%3D%24TF_USER_ID_ENC%24%26vxii_ts%3D22%26_t%3D1705795455%26_reach%3D1&u=7db4e1ff-29b...
https://thrtle.com/sync?vxii_pid=5042&vxii_pdid=18072662068712545955&vxii_ts=22&_t=1705795455&_reach=1

0
473 B

61ms
60ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5042&vxii_pdid=18072662068712545955&vxii_ts=22&_t=1705795455&_reach=1
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:15 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 769
content-type: text/html
location: https://thrtle.com/sync?vxii_pid=5042&vxii_pdid=18072662068712545955&vxii_ts=22&_t=1705795455&_reach=1
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 848b4c7b9df0db01-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame D4AA 13 KB
5 KB 49ms
47ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40136
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c79da71d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame D4AA 6 KB
3 KB 259ms
257ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-china%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLIVE%20SYDNEY%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Flive-china%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:96471212&@b3:1705795455&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7be825134f1bf25725a30ed66a3d9c593ed2e57ac26abaed288bb784fe8a52

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
x-t: 0.25
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FkDbRTvBfBQ8TETVG42Ldj4rmo%2B6hxAFf6gWAG0u5nk5LZq3akEc2XltlfM7fiFmqVqey8Uh8t0lQBPLGQBGG92C29rvlFB7UarpyK4U2%2Be34v78kjfwmJMNCoaIEl0T4b52RNvzCU9exA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c79ded96dc2-MIA
expires: Sun, 21 Jan 2024 00:04:14 GMT

GET
H/1.1 200
OK 4585452.php Show response
s4.histats.com/stats/ Frame 7D6E 435 B
570 B 206ms
67ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:-26880992&@b3:1705795455&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: cde7706a94ea59cdabf47cefabad4419ecdf0973ab6f66f3857bc54641131ed9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:15 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 cc_329.js Show response
s10.histats.com/counters/ Frame 830B 18 KB
7 KB 50ms
49ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_329.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 48413
etag: "1331309106"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c7adc41d9d5-MIA
content-length: 7420

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 830B 6 KB
3 KB 115ms
114ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:-67832640&@b3:1705795455&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f9dca5894a908d2bedb686143ea27151bb6e0ddb5b47938fb0a9ca30947d9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
x-t: 0.247
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRKLBrKIPC9N%2BR5bSB5JcBI0lyfNzQAoULOD70sNWMQ8qScn6hGsnVf7zSg8LwRkM3tyRafbLR4aJ%2BJVJ4zjHiSfxC8IgUT6xSf82ewXGTTaLl1wTlCidzEdcECI%2Frc5oRsk0lKHhbAJYZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: mtl1
cf-ray: 848b4c7ad8676dc2-MIA
expires: Sun, 21 Jan 2024 00:04:14 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame D4AA 230 B
529 B 33ms
32ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame D4AA 231 B
530 B 34ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:15 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 4977 0
0 74ms
73ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=35498
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:15 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: _j4SklHC3P3ZTlP5fY6A1dl28BGMD1RuSt7YNaH45dJyqmQNB2cRNA==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame F1D5 11 KB
5 KB 45ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39490
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c7b8d6ed9d5-MIA
content-length: 4547

GET
H2 200 cc_329.js Show response
s10.histats.com/counters/ Frame 7D6E 18 KB
7 KB 55ms
55ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_329.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 48413
etag: "1331309106"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c7b9d75d9d5-MIA
content-length: 7420

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 7D6E 6 KB
3 KB 262ms
262ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4585452.php?4585452&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s329&@ten-US&@u1600&@b1:-26880992&@b3:1705795455&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9a6fb1bcaf76a6aaaaed347ebb24a475685fd3bb6e07f87b288891347d4667c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
x-t: 0.22
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cek03lm4bPZUXfy%2BBOGbND61R%2FZhbIppjzJZtMadLoBE6PqDFiZSkqENjoK9wRIS8cOdqW6yK50eolaz8amCmNtIF56UkPzJ5h9%2Fl9lky1CGSUwfOx%2Fm8s%2F0xqozQiIE3bM96SZdkHBBs34%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c7b99356dc2-MIA
expires: Sun, 21 Jan 2024 00:04:14 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame D4AA 0
457 B 81ms
80ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F&r=https%3A%2F%2Fzona-bermain.com%2Flive-china%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
x-t: 0.74
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5n6%2B%2Fx8188J55%2B%2FMX1Ar9Lpa08YIZoHTYLZOU5CSiPOp4ftU8ugkKNt7YJgXiuMcAO6g0T9ra6VBKjNmGChwvcEUw9jo6bWO2RAav2W0YS9ZlNRRiwb3CVfjnlKHPv86C6zJYpxbatslpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 848b4c7b99b8287a-MIA
expires: Sat, 20 Jan 2024 23:10:27 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame D4AA 33 KB
11 KB 67ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38456
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 3wunhL6gRwTebpCKTYVf1NuZjUTMP5XRUvDN9Jwuis_mA72VlCt_WA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame D4AA 0
287 B 260ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=8&_ls=10&_cc=us&_pl=d&_b=chrome%40120&_cbid=7gcn&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-china%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
x-t: 0.078
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9SLIZPZq2Ggv2OhmsFwzCof3JSJIgCvcqDa5Pum121th16FpvbtRiJ5Q%2FOBQ%2F%2Fs9FlWWDTQYp3VOiVDR4uzQVDw%2Fus88J7KlPOS7UdHvP5tLi72v%2BQ6eW4p0DOIZh4VEj93Z4EroOcIBRk%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c7b993b6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:14 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 830B 0
418 B 96ms
94ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
x-t: 1.4
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIAj1RbeKFo0n39W9y5h7FIt%2F5sJlxLxAB56jQlGOF770Nhf0EHrEBHmtHH0y%2BY%2F3fq4i1KDe3oDCtC4YQQsvqn8GBzTj%2FJYMdz3nfTW8x7Jo9lU0YyTPtDZi4kJhcXnV3QnhN8bXWjnnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 848b4c7b99c7287a-MIA
expires: Sun, 21 Jan 2024 00:04:46 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 830B 33 KB
11 KB 78ms
77ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38456
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: hIeg3Fp6eYsuEcp_CdOPN2agL3-yulK4y3yBfAV1UR8x75hqXSJxAw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 830B 51 B
339 B 264ms
263ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=w1.bungaprediction.com&_ss=6wsm59s7ny&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=3rbp&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivechina.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acb6e632d4ca2735f6b1d1203b78fd3debe50ca4f23e3b0f3aae38bdad9dcbb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
x-t: 0.123
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sbim2%2B9rbGnt5e%2FZifBNHuG7lOCvXjyXJsJMo%2Bg173i0SFISiar6yNYKLExpvjWKMXy8SAqXFlyYKWNCmKU1HfWBZK7K4XpJTU5tGqHWZhAMD0TEyy85%2Bj0Dzrxal4KvNY7z5fp8foXU9g8%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c7b99466dc2-MIA
expires: Sun, 21 Jan 2024 00:04:14 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 4693
Redirect Chain

https://um.simpli.fi/lj_match?r=41504
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

67ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:15 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:15 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame C491 0
228 B 77ms
76ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=45065&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:14 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: EA66C775FF6C40A299BD98B2B9E2F286 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXQtK2GZDIW3ISneZA==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 1D26 43 B
177 B 67ms
66ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:15 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame F1D5 434 B
569 B 203ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:28869682&@b3:1705795455&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: c8711e7fec7fc7124b43cc2cc5f6594852be5ea8548fa99b37ae4d91a1b3d4c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:15 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame D4AA 5 KB
2 KB 63ms
62ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2450
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 5rdhRNytlOib3I-XW-qX7-bXeXADJSTzGsmRZ3YqQCnKwUt4AAPzOA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 830B 50 B
464 B 71ms
70ms Fetch
application/json 18.173.132.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-31.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 11:54:34 GMT
via: 1.1 aaf016fef66eecea8770da00a4c0e9d6.cloudfront.net (CloudFront), 1.1 e70925a92da0404e239c3620389c3dd0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, JFK52-P2
age: 43781
x-amzn-requestid: 0df85fe8-7523-4bbf-9926-a75c493d77b3
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: R1kjHFGQiYcEO-Q=
content-length: 50
x-amz-cf-id: A9MHxdl0zguCGFtWyKOY5dOVIGH81GWQ4OXm2p3xLRQohHJf-9LvPw==

GET
H2

204

sync
thrtle.com/ Frame 59DF
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://pm.w55c.net/ping_match.gif?rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1705795455%26_reach%3D1&st=THROTLE
https://pm.w55c.net/ping_match.gif?scc=1&rurl=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5011%26vxii_pdid%3D_wfivefivec_%26vxii_ts%3D24%26_t%3D1705795455%26_reach%3D1&st=THROTLE
https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=v21ecxEE1RrljV5&vxii_ts=24&_t=1705795455&_reach=1&st=THROTLE

0
473 B

60ms
59ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=v21ecxEE1RrljV5&vxii_ts=24&_t=1705795455&_reach=1&st=THROTLE
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/prediksi-taiwan/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:15 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-00c4c64a1a8d4085a@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://thrtle.com/sync?vxii_pid=5011&vxii_pdid=v21ecxEE1RrljV5&vxii_ts=24&_t=1705795455&_reach=1&st=THROTLE
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame D4AA 167 B
581 B 68ms
67ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 7D6E 0
292 B 101ms
101ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
x-t: 10.16
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x3%2FRmDaTL6lpl3mFwxYMTsb7FKfFXx9681OOE6V%2FF1MExxQbSVZ5doGxBA76iTXLSHjPyJlADS3X4v4%2FstBZGAZMBgAv%2FDIRa8WmNmi39RG7dq5Es1rppO%2FsfQV9g7UN86EJ2qH%2Fb25okA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 848b4c7e1e1d287a-MIA
expires: Sun, 21 Jan 2024 00:04:46 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 7D6E 33 KB
11 KB 67ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38456
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 1hFLKby9KMwPlh2I9_eg8lEWmwygNwGacmtJc5bTtx8s2VNqZ3GXKg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 7D6E 51 B
341 B 259ms
258ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=w1.bungaprediction.com&_ss=6wsm59s7ny&_pv=2&_ls=0&_cc=us&_pl=d&_cbid=6faq&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fw1.bungaprediction.com%2Flivesydney.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf970150374baa5cf3025b43b9172d1ef77dbd0f3d9859d72059912cb273f19b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
x-t: 0.115
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwdX0gIuruIsF5kiK2G1iQ%2FK7wios8F7kNw8%2FDN9h8RT8yH9peGErl9zf7FkAt0ErlVQgIzODRN2Q7I8BFm8n3zMt3v6Yl5%2B%2FRtPnFdF78cddPUN4Vrkccjy9WiVOE0KVG0lKS3tl9evgyQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c7e1c436dc2-MIA
expires: Sun, 21 Jan 2024 00:04:14 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 830B 5 KB
2 KB 70ms
70ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2450
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 4116OKyGSRzWNjTXQ3cf3OUgibiPegAFCGXdRBQyMtX7Z6MGPgDV6A==

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame F1D5 22 KB
12 KB 50ms
50ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33298
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c7e39f4d9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame F1D5 6 KB
3 KB 264ms
263ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:28869682&@b3:1705795455&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fd5746d2787bac24796cb89d2a7171889ff7f12fc7bbc115f8eb6ce77759329

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
x-t: 0.447
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNRYeULAg1b0dmWqwaL2kPq0XhyrkH3HqjQhyeeJjTj7qDNDAAGwB4cchhG9C2ESqrdL%2FwXdXFJlsvW7JuNhp8ObPhp0X6RXIks0TuTGRBZ9HZULi1XA9KHobiO8DuaC98WbMm9u5EGURBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c7e3c6f6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:14 GMT

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 36DE 107 KB
13 KB 266ms
265ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:15 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 36DE 227 B
271 B 350ms
350ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:15 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 36DE 2 KB
374 B 351ms
351ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:15 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 36DE 28 KB
8 KB 352ms
351ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:15 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 36DE 3 KB
827 B 518ms
518ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:15 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 36DE 86 KB
29 KB 264ms
263ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:15 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 36DE 13 KB
5 KB 514ms
513ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:15 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 36DE 157 KB
26 KB 37ms
37ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370197
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 36DE 30 KB
7 KB 42ms
42ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465852
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c7e7ba721d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 36DE 21 KB
8 KB 37ms
36ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041581
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 36DE 62 KB
16 KB 37ms
36ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:15 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489645
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery-3.1.1.js Show response
code.jquery.com/ Frame 5162 261 KB
77 KB 269ms
34ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.js
Requested by: Host: opesia.vip
URL: https://opesia.vip/iframe-live/livesydney2.php/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d7a71d3dd740e95755227ba6446a3a21b8af6c4444f29ec2411dc7cd306e10b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opesia.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1523682
x-cache: HIT, HIT
content-length: 78665
x-served-by: cache-lga21952-LGA, cache-mia-kmia1760043-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1705795456.019897,VS0,VE1
etag: W/"28feccc0-413ba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 11, 1

GET
H3 200 7.png
zona-bermain.com/script/ Frame 36DE 24 KB
24 KB 462ms
461ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:15 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 463ms
463ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:15 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 259ms
258ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 280ms
277ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 36DE 24 KB
24 KB 286ms
284ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 294ms
292ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 302ms
300ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 310ms
308ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 5945 43 B
748 B 68ms
68ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=90680

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:15 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 8
Content-Type: image/gif

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 36DE 43 B
182 B 210ms
70ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:16 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 36DE 3 KB
1 KB 326ms
325ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 36DE 8 KB
2 KB 266ms
264ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 36DE 6 KB
2 KB 267ms
264ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 36DE 112 KB
34 KB 268ms
266ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 36DE 4 KB
2 KB 279ms
277ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 7D6E 5 KB
2 KB 61ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2450
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: Kr37dNTo1dsiXHLMKM001oQy7eDnePaisk2A00mSa3EK0KoBf2KvIg==

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 830B 167 B
587 B 67ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://w1.bungaprediction.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 4693 43 B
748 B 61ms
61ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=86210

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:15 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 78C0 85 B
481 B 77ms
63ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134905
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: hbOKTiZeZ_-mN1KKaDxsKnrq1mKnpypbJYg2J0R8Y5jI2sl453ylSw==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C491
Redirect Chain

https://um.simpli.fi/lj_match?r=91489
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

75ms
74ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:15 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:15 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 7D76 0
0 76ms
70ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=95710
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:16 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: OtT8-TC-zU476u2w7XSP0h1gvVHmFR1VRtLwhbmm45ffEHzOjp135g==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 style5.css
rankcrack.com/css/ Frame A23C 8 KB
2 KB 830ms
816ms Stylesheet
text/css 2606:4700:3036::ac43:84f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/css/style5.css
Requested by: Host: rankcrack.com
URL: https://rankcrack.com/live-draw-china.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8afd8132abd29ec4f4e38e5088bc5cce3b8c65a97439a0f6cacfcf7975b9d144

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rankcrack.com/live-draw-china.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Feb 2023 07:47:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2b1ea1-1fb2-5f39ea947f180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1PszHCGUo%2FpntP8RK5%2BoAXGuKqHNRj2Hk7%2BJhLF9FWfpc6eXlv9zZvtHyIXe9GMLwcmsXYAh3GzZAKZmkLs%2BAeoMK0sbaZYjP4Kb%2BkfUpNKeYtQA20p%2BKFA2cwFTiZHl4ncNUdK4y4eN8bh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 848b4c801fa94962-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ Frame A23C 2 KB
663 B 90ms
77ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald&display=swap

Requested by

Host: rankcrack.com
URL: https://rankcrack.com/live-draw-china.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rankcrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jan 2024 22:45:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 00:04:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame A23C 86 KB
31 KB 208ms
63ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: rankcrack.com
URL: https://rankcrack.com/live-draw-china.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://rankcrack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:16:09 GMT

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame F1D5 0
461 B 110ms
110ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
x-t: 25.92
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpdH98b%2BbuI3Af6rM0jJdE8VqGX7jlAKIvLAZkyUHmRcXGSImZmzCdl7IfFQUeEMwALZOvdW%2Bt63%2F5Qmm2SaYRGSHwHEFo2MwTGYaVEbpZG%2BugT832qIAZC0TsK186f9SXlJBomZcrU0lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 848b4c801a4f287a-MIA
expires: Sat, 20 Jan 2024 23:40:33 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame F1D5 33 KB
11 KB 74ms
73ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38457
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: K_Yo-9I2PO2CyNtdKjpCGWADJlBOKo_stHRpaH_DPTKeD9Ci7BTrkQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame F1D5 0
421 B 261ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=8&_ls=9&_cc=us&_pl=d&_b=chrome%40120&_cbid=1s7y&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
x-t: 0.105
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmaUsFw%2FhwgBWaJ3XFR3VSRukBOHKwwmA%2FkGdzHC3cSms5iMORkHsEgqpKsqipW4veS1c8QeYQBWaZTX%2Bjr1eYs58BDNSBTN3edgt8Dt2otB%2FFoDoDUkPW0uQdbToXSc8Oe9qpQbg4dfOTI%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c802ee86dc2-MIA
expires: Sun, 21 Jan 2024 00:04:15 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 7CC9 0
72 B 69ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:16 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 7D6E 167 B
587 B 69ms
68ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://w1.bungaprediction.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 78C0 766 B
1 KB 61ms
60ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401261
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: YpIQhG8X-UmAt-uFS7NT-c4EabpXIQAYi0EvzaKLuQa9jP7MIomvPQ==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame F1D5 5 KB
2 KB 61ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2451
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 77AiHHJuu2tL5tn2qdZ7qDvdqMSsM430GC9s05LuMxLa2Xv2ONk6zg==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame D4AA 43 B
177 B 68ms
67ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:16 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame F1D5 167 B
580 B 68ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:16 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 5945 0
141 B 76ms
76ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=80297&pu=https://zona-bermain.com/generate-bbfs/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:15 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A5C85F6A3D414AB1A5C0B28D41D8940A Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXQ8sY8O/neJHCeyag==

GET
H3 200 3.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 299ms
298ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 310ms
308ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 312ms
310ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 325ms
324ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 36DE 24 KB
24 KB 325ms
324ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 334ms
333ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 337ms
336ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 36DE 25 KB
25 KB 347ms
346ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 36DE 24 KB
24 KB 354ms
353ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 36DE 11 KB
5 KB 46ms
46ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39491
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c825ff2d9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 00AF 10 KB
2 KB 282ms
281ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-length: 2408
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:16 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 36DE 75 KB
76 KB 46ms
45ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52948
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c827802497c-MIA
cdn-requestpullsuccess: True

GET
H3

200

/ Show response
zona-bermain.com/paito-warna-hongkong/ Frame 03A8
Redirect Chain

https://zona-bermain.com/paito-warna-hongkong
https://zona-bermain.com/paito-warna-hongkong/

265 KB
34 KB

459ms
458ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/paito-warna-hongkong/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

f1d5c63eb538181b48c9875d1c18d64e0e1b54807ed5aedd14bd851f8027c755

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/jalur-shio/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:17 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/95>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=95>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:16 GMT
location: https://zona-bermain.com/paito-warna-hongkong/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame C491 43 B
748 B 66ms
64ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=89248

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:16 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame CF53 85 B
483 B 64ms
64ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134905
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: KUaI4ugD8BzHDbqq7nTrGLNZOdyGX3l0s2-MIprwVPU3J6cuXpVDzg==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 1D26 43 B
748 B 71ms
69ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=52684

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:16 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 9
Content-Type: image/gif

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 36DE 436 B
571 B 205ms
69ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mJALUR%20SHIO%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-87573449&@b3:1705795456&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 1381418b1f1f64506dd2a5df168d83b148facfc6a2143a24c8969712bfb9b6e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:16 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame CF53 766 B
1 KB 61ms
61ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401261
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: TCKJsQ7iTq5aLg_V8E2BaswNtWhPdHepgVEBnQCbIlTUcR93okLe0g==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 830B 43 B
177 B 75ms
68ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:16 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 36DE 18 KB
5 KB 256ms
255ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/jalur-shio/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 00AF 15 KB
3 KB 291ms
288ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:16 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 7D6E 43 B
177 B 87ms
86ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:16 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 36DE 13 KB
4 KB 65ms
64ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40137
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c84db89d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 36DE 6 KB
3 KB 266ms
266ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mJALUR%20SHIO%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-87573449&@b3:1705795456&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194e14a5ee445eff16bf25a7bd34425ccb733ba98acb573d39804bb57748d797

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
x-t: 0.221
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4vhiwBu2YYcu1xSeeSYw%2FQhYevnitnvn3GHmj5xtyXS%2BHNIE4scYpwJe1ygLmZ%2BS8KKYaKKvbg3z5ZPfPOZauSRt6SxxwWIC92eXmrMX9nsCMIIhlonYxjjWRgvkIs%2B%2BGtTl0HGb%2Bhrb3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c84cce16dc2-MIA
expires: Sun, 21 Jan 2024 00:04:15 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame F612 0
0 69ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=8886
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:16 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: QeQ-giCJ14tERjnLz5aRN8JbNa1nHr0z76wRiAX0oEvSCGuZ6Fa-ow==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2

204

sync
thrtle.com/ Frame 4693
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://ib.adnxs.com/getuid?https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5006%26vxii_pdid%3D%24UID%26vxii_ts%3D26%26_t%3D1705795456%26_reach%3D1
https://thrtle.com/sync?vxii_pid=5006&vxii_pdid=2907085194688289057&vxii_ts=26&_t=1705795456&_reach=1

0
473 B

61ms
61ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5006&vxii_pdid=2907085194688289057&vxii_ts=26&_t=1705795456&_reach=1
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:16 GMT
an-x-request-uuid: 71e91ff7-3726-42bc-b3f0-aadfee4b46db
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://thrtle.com/sync?vxii_pid=5006&vxii_pdid=2907085194688289057&vxii_ts=26&_t=1705795456&_reach=1
x-proxy-origin: 38.132.118.71; 38.132.118.71; 570.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 5945
Redirect Chain

https://um.simpli.fi/lj_match?r=65469
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

89ms
89ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:16 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:16 GMT

GET
H3 200 cn.php Show response
rankcrack.com/ Frame A23C 1 KB
738 B 814ms
813ms XHR
text/html 2606:4700:3036::ac43:84f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rankcrack.com/cn.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:84f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28eb771c52635f262d150e0b54111a13ac1cd929187b8697600bc6483b4f1c6c

Request headers

Accept: text/html, */*; q=0.01
Referer: https://rankcrack.com/live-draw-china.php
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuxEQB5q5QBd0DPwIvGKBDMB1zwML3qf40ANkrMAQqu%2Fh7pVTrUQ%2FfNCd%2FzOqp9ItiLUo9ha0NVccp9248SA6UDm%2F%2By4fBsUYQPy5t0UwXrjTrbclj7xpAe9vnNlBWxXZgvNuRDSf0%2FZex19"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 848b4c8618f3b3c1-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 1D26 0
142 B 83ms
81ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=17960&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E7DFD2376E964FE9AC620126E60D30A5 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXRF6MDrfpxVLVXJFg==

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 36DE 230 B
529 B 33ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 36DE 231 B
530 B 33ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame B9BF 0
72 B 69ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:17 GMT
content-length: 0
vary: Origin

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame F1D5 43 B
177 B 67ms
66ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:17 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 00AF 11 KB
5 KB 47ms
46ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39492
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c86cf22d9d5-MIA
content-length: 4547

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 36DE 0
556 B 251ms
249ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F&r=https%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
x-t: 3.02
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIObSfGhqZdZ7r1fW%2FGqmYTPp8b%2BJbgDPLSBy0XqMG9quF66Ohfzt9ZfKk0hRXpqUKNCo3ri5nQ81EPF5TeuccJNKl67jbP13LuBCfGC04iwnCjLPvMDjulR5Mbo62blsHkjj2Wbt30ixw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 848b4c872811287a-MIA
expires: Sun, 21 Jan 2024 00:04:48 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 36DE 33 KB
11 KB 68ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38458
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: xWYIxdmduZvfPgZgcoSEGebXySQNxTqMz6YbPPLZ3BfDwV2Sr5ZUYQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 36DE 0
311 B 261ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=9&_ls=12&_cc=us&_pl=d&_b=chrome%40120&_cbid=12cs&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F&j=https%3A%2F%2Fzona-bermain.com%2Flive-sydney%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
x-t: 0.089
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZpTtTjN%2BbpUtL1sBDWO5VV0NcGNm5D7Xo1SSgZaBVrr2i%2BUof3XmnMSRAbeli9dxoCNMj2qw7e%2FBu%2BxZ9wSGXzm1s96ypXWCAlTyv4sk%2BItobSjzuSgYH1%2FpQDRpIxCGitGDdJ75hfJvJo%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c871fd46dc2-MIA
expires: Sun, 21 Jan 2024 00:04:16 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 3F14 0
0 73ms
71ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=33899
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:17 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: Q0VW73004Wt47Kb-WBG4atEVy-s7845opcPAoong1Hm5iMSVt5TgjQ==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2

200

sync
thrtle.com/ Frame C491
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://i.liadm.com/s/56290?bidder_id=199768&bidder_uuid=7db4e1ff-29b3-4658-93ec-a54ac0e6cd48
https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&_t=1705795457

43 B
546 B

62ms
61ms

Image
image/gif

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&_t=1705795457
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Sun, 21 Jan 2024 00:04:17 GMT
content-length: 43
content-type: image/gif

Redirect headers

Location: https://thrtle.com/sync?vxii_pid=5028&vxii_pdid=8fa0be99-2128-4576-ba8e-19bd665ac5d9&_t=1705795457
Date: Sun, 21 Jan 2024 00:04:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 5

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 00AF 434 B
569 B 206ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:27738119&@b3:1705795457&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: c8711e7fec7fc7124b43cc2cc5f6594852be5ea8548fa99b37ae4d91a1b3d4c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:17 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 36DE 5 KB
2 KB 64ms
62ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2452
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: otM-sG-TErUxlbSonxiwn48hbYsJ8YaJgGj5018RqqQ9448cyoZe0A==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 10CB 0
0 72ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=69010
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:17 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: pK7ILFUnq3B-NOi0xGShenA-is3OGFUFBPT8ICYqrubYgk64ej5j8g==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame D4AA 43 B
748 B 70ms
65ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=18967

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:17 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 36DE 167 B
581 B 70ms
68ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 00AF 22 KB
12 KB 54ms
52ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33300
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c88ba35d9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 00AF 6 KB
3 KB 260ms
259ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:27738119&@b3:1705795457&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2886e0696f0258ed37ece82a981cc229d024ca5abe47012923a298b60aa8d999

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
x-t: 0.281
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BC9MXCc%2FVHSBwvLewXwDr6tprVUonJDwBKMnhVbedXef5cDhT44xMhRirrcxbjWfBagfQ2XRzTVFA1fZbRFlXa2CoAB6nCiwsFJP0THDJdApQUOG5vWmTz9pHwyEguYdsyNhqaPtXWvXjk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c88b9c06dc2-MIA
expires: Sun, 21 Jan 2024 00:04:16 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 5945 43 B
748 B 68ms
66ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=71659

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:17 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 7
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 48D7 85 B
483 B 65ms
60ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134906
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: Sp_ckOdCsjomFHD4jnW2Taix5xNOUxEKV9DTeQFytxW93kLzCqBQvA==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 03A8 107 KB
13 KB 265ms
261ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 03A8 227 B
271 B 269ms
266ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 03A8 2 KB
374 B 270ms
265ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 03A8 28 KB
8 KB 270ms
266ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 03A8 3 KB
827 B 270ms
266ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 03A8 86 KB
29 KB 271ms
267ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 03A8 13 KB
5 KB 279ms
275ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 03A8 157 KB
26 KB 47ms
43ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370198
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 03A8 30 KB
7 KB 54ms
50ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465854
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c891bdb21d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 03A8 21 KB
8 KB 48ms
45ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041582
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 03A8 62 KB
16 KB 48ms
45ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:17 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489647
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 1D26
Redirect Chain

https://um.simpli.fi/lj_match?r=66265
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

70ms
69ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:17 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:17 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:17 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 6A53 0
0 71ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=58512
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:17 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: dIrUEZFePmGnsiYCfQUXLxW_0jm6wulJCearu4xLgvQiIEQSUJGrPg==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 48D7 766 B
1 KB 63ms
57ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401262
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: H6jS_rHBDOlS2jCA2KJ1wJvdSdSe_h3ZUlvPDogk6ye8fn6MVWydfQ==

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 03A8 95 KB
32 KB 260ms
255ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32851
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 table.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 03A8 2 KB
778 B 270ms
266ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 755
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 warna.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 03A8 13 KB
3 KB 271ms
267ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3215
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 03A8 24 KB
24 KB 271ms
267ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 03A8 25 KB
25 KB 278ms
275ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 03A8 25 KB
25 KB 268ms
256ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 03A8 25 KB
25 KB 272ms
261ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 03A8 25 KB
25 KB 279ms
267ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 03A8 25 KB
25 KB 310ms
299ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 03A8 24 KB
24 KB 311ms
300ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 03A8 25 KB
25 KB 319ms
308ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 03A8 25 KB
25 KB 323ms
313ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 03A8 25 KB
25 KB 330ms
319ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 03A8 43 B
182 B 209ms
70ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:18 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 03A8 3 KB
1 KB 342ms
332ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 03A8 8 KB
2 KB 289ms
277ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 03A8 6 KB
2 KB 290ms
278ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 03A8 112 KB
34 KB 291ms
280ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 03A8 4 KB
2 KB 309ms
298ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:17 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 830B 43 B
748 B 61ms
60ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=35439

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:17 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 00AF 0
307 B 122ms
119ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
x-t: 3.05
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mz6TpVy5UuPnWzeO%2FZlkWlCcaHnzcBsbd1Y%2FYyCgTooBppSnSJFyDZPorczTgEpw2Zt%2BouQbzZusrVicefGTD0uOLIHIu5CZVo%2FbTBb9xZTwUxeb%2Fbgz9Pm%2FO0E2lWPNsm8B4Beavek9XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 848b4c8b0f17287a-MIA
expires: Sun, 21 Jan 2024 00:04:48 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 00AF 33 KB
11 KB 75ms
72ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38458
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: -8VEaTpYOrgwn3nGkVlygAAIDvfxclx_B8B7v-2n2ACcPCpWfD2z-Q==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 00AF 0
286 B 265ms
263ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=9&_ls=11&_cc=us&_pl=d&_b=chrome%40120&_cbid=uysn&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
x-t: 0.164
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9gJrOU%2B46X3wYxv2cjxjSgkLuxQyaecYGbiDQBrXa3yKzS6tpMhWukH%2FDQe3IzSjAOPXFJVWQxAyliofmjKejSsbZwjT%2BtLzCQp1RyfzcPQEBm6j99LUy8PxD46SYutWBySF2ZBXK8NI40%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c8b1cb36dc2-MIA
expires: Sun, 21 Jan 2024 00:04:16 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 7D6E 43 B
748 B 66ms
63ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=99906

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:17 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame D4AA 0
142 B 80ms
76ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=35904&pu=https://zona-bermain.com/live-china/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:16 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4D2C8500593E4C439E3C664DB19D856F Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXRUckWODtlPNagtKw==

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 03A8 11 KB
5 KB 47ms
47ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39493
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c8c8fc8d9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame E2ED 10 KB
2 KB 280ms
280ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:18 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 00AF 5 KB
2 KB 65ms
64ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2453
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: xn-zhGLnCtbivol4iIzxTNE-eGVcwzks7jRFLMH0fz2vOXuAOhNEog==

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 03A8 75 KB
76 KB 56ms
55ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52950
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c8cbf4f497c-MIA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 1D26 43 B
748 B 68ms
65ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=62302

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:18 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 4
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 33EE 85 B
481 B 64ms
64ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134907
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: QPWZCBFpeHetO3237tV_-bztug9-GmerKLcebnFdCt5vRYAr4GTyqA==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3

200

/ Show response
zona-bermain.com/generate-bbfs/ Frame 7F9B
Redirect Chain

https://zona-bermain.com/generate-bbfs
https://zona-bermain.com/generate-bbfs/

96 KB
20 KB

559ms
558ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/generate-bbfs/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

10086e559bd8f881bfe5ae8ce580dce3e90077ac65ef4dc9a9af9b3ba2afb3ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/paito-warna-hongkong/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:18 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/155>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=155>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:18 GMT
location: https://zona-bermain.com/generate-bbfs/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame F1D5 43 B
749 B 80ms
79ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=54510

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:18 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 18
Content-Type: image/gif

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 36DE 43 B
177 B 87ms
71ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:18 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 03A8 436 B
571 B 201ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20HONGKONG%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:2381416&@b3:1705795458&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: ee053a27a18fa6026d1dd96aee2dc7763176f9ec05090050148aadf2d607dc7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:18 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 33EE 766 B
1 KB 69ms
63ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401263
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: U3zZGfYWGIBA6lwQNC5px3pzwNFBNVRLtGMg2Z-Zl26RO9_tVULXfg==

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 00AF 167 B
580 B 68ms
67ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 830B 0
142 B 83ms
82ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=48693&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 20256DC3313748DFBD707D40EB390FF5 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXRaUrwpkK3aYXkW4A==

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 03A8 18 KB
5 KB 259ms
258ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-hongkong/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:18 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:18 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame E2ED 15 KB
3 KB 293ms
293ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:18 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 7D6E 0
141 B 78ms
78ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=10092&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 0745403540334CDC9623827C39425E81 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXRebCcUEfKbD6+90Q==

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame D4AA
Redirect Chain

https://um.simpli.fi/lj_match?r=29943
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

73ms
72ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:18 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:18 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:18 GMT

GET
H2

204

sync
thrtle.com/ Frame 5945
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
https://sync-tm.everesttech.net/upi/pid/EhuOE4dM?redir=https%3A%2F%2Fthrtle.com%2Fsync%3Fvxii_pid%3D5032%26vxii_pdid%3D%24%7BTM_USER_ID%7D%26vxii_ts%3D30%26_reach%3D1
https://thrtle.com/sync?vxii_pid=5032&vxii_pdid=ZaxfdAAQBIdxCQBH&vxii_ts=30&_reach=1

0
473 B

62ms
61ms

Image
text/plain

54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=5032&vxii_pdid=ZaxfdAAQBIdxCQBH&vxii_ts=30&_reach=1
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/
Protocol: H2
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:18 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

Redirect headers

x-served-by: cache-mia-kmia1760099-MIA
pragma: no-cache
date: Sun, 21 Jan 2024 00:04:18 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1705795459.741562,VS0,VE0
x-cache: HIT
location: https://thrtle.com/sync?vxii_pid=5032&vxii_pdid=ZaxfdAAQBIdxCQBH&vxii_ts=30&_reach=1
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 613D 0
72 B 83ms
80ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:18 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 83CD 0
72 B 82ms
80ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:18 GMT
content-length: 0
vary: Origin

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame F1D5 0
142 B 91ms
90ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=50276&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:17 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FBB61C929CFA43418C4E93C3F7839502 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:18Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXRfZETg4VgV9PBadg==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 21F1 0
0 74ms
73ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=65567
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:18 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: ZMtIzjB7W-bdUIV7m-AbwBkDW1rWpFNFpAT-X7-5ZPlw1npZ9jgajg==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 03A8 13 KB
4 KB 62ms
60ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40139
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c90ddabd9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 03A8 6 KB
3 KB 267ms
267ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F&j=https%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20HONGKONG%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:2381416&@b3:1705795458&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b0f31c6e17f9dee0063375557d9446636f450ec9587903c0f26d9459d714a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:18 GMT
x-t: 0.222
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4M6HgpuOiVcPSNl4Ea2ir2KwmyXEpsvjhvkiXQr1eXPWutm8tkfxgu5LqDNqTZhDFxrcdBzhQMdwSn83a5YKAZDhT2qjB9HIC3SrUaEi%2FHNuiD3qdSGVDZoZCl%2F4YY84jdchftHqx5S%2F4Pg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c90dbd06dc2-MIA
expires: Sun, 21 Jan 2024 00:04:17 GMT

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 03A8 230 B
529 B 38ms
35ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 03A8 231 B
530 B 39ms
36ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 830B
Redirect Chain

https://um.simpli.fi/lj_match?r=87105
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

90ms
90ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:18 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:18 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:18 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 7AC4 0
72 B 136ms
136ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:18 GMT
content-length: 0
vary: Origin

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame E2ED 11 KB
4 KB 46ms
46ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39493
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c92a880d9d5-MIA
content-length: 4547

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 03A8 0
461 B 90ms
88ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F&r=https%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F&j=https%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
x-t: 1.27
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxsViJi2cwE5XNmoSIcy3pLyuQGl%2FS7nuixaKFT67bJuTLVNC3pv%2FLQHkwQBJtWDAEd48ZA9%2B%2BvhcINBLz0U2K5jHHEDW970bHEqsPBWHfCyPaCdzRw191lWbxVkoOD5%2FUHOWXccO4qIEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 848b4c934d70287a-MIA
expires: Sun, 21 Jan 2024 00:02:05 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 03A8 33 KB
11 KB 76ms
75ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F&j=https%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38460
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: -zZYRQ_d-cbwxkeaX5vBTzhNPNEGDfRwNB9eOSboLu0DdWiDRvccVA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 03A8 0
335 B 267ms
267ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=10&_ls=14&_cc=us&_pl=d&_b=chrome%40120&_cbid=6eh0&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F&j=https%3A%2F%2Fzona-bermain.com%2Fjalur-shio%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
x-t: 0.078
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tdRWVMLcNefUK8gkkL3gbqr7Na7f2e5h0UlBO8tNzwLglM9IYAdOsjz5wAdJEjZowyoQK%2BYDX2l25D8fyR27%2BlvoJClZLsDb%2BFPnnA0WY9zvtzMSIKpYYF9adEHWMnl3JYoLst1nIthoUQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c934e566dc2-MIA
expires: Sun, 21 Jan 2024 00:04:18 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7D6E
Redirect Chain

https://um.simpli.fi/lj_match?r=60636
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

67ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:19 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:19 GMT

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame E2ED 434 B
569 B 207ms
69ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:31426510&@b3:1705795459&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: ee21798eb15eee2aeea72f3d5bb954ba2d2fbb6b98e0b3a6892ad402bfccb60c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:19 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 7F9B 107 KB
13 KB 262ms
260ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:19 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 7F9B 227 B
271 B 515ms
509ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:19 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 7F9B 2 KB
374 B 516ms
510ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:19 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 7F9B 28 KB
8 KB 516ms
509ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:19 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 7F9B 3 KB
827 B 519ms
512ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:19 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 7F9B 86 KB
29 KB 519ms
512ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:19 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 7F9B 13 KB
5 KB 531ms
524ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:19 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 7F9B 157 KB
26 KB 39ms
33ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370200
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 7F9B 30 KB
7 KB 48ms
42ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465856
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c93cb4221d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 7F9B 21 KB
8 KB 40ms
35ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041584
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 7F9B 62 KB
16 KB 41ms
35ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:19 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489648
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 jquery-1.10.2.min.js
zona-bermain.com/js/ Frame 7F9B 0
0 518ms
512ms Script
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/js/jquery-1.10.2.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
server: LiteSpeed
x-powered-by: PHP/8.2.14
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 7F9B 24 KB
24 KB 530ms
525ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:19 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 531ms
526ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:19 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:19 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 259ms
259ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:19 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 257ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 281ms
277ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 7F9B 24 KB
24 KB 288ms
285ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 295ms
291ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 304ms
300ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 311ms
308ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 7F9B 43 B
182 B 204ms
68ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:20 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 7F9B 3 KB
1 KB 318ms
316ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 7F9B 8 KB
2 KB 268ms
263ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 7F9B 6 KB
2 KB 268ms
264ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 7F9B 112 KB
34 KB 269ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 7F9B 4 KB
2 KB 280ms
276ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame D4AA 43 B
748 B 68ms
64ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=70372

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:19 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 5
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 363B 85 B
482 B 63ms
61ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134908
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: uHkxvFfumEGdMtHWLHN8m1uPBI_50zktl0lVmYJlIpIIfif-GcxwJg==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame F1D5
Redirect Chain

https://um.simpli.fi/lj_match?r=47128
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

68ms
68ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:19 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:19 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:19 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 36DE 43 B
748 B 64ms
62ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=14013

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:19 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 4
Content-Type: image/gif

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 00AF 43 B
177 B 69ms
68ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:19 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 363B 766 B
1 KB 63ms
62ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401264
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: v0gFJWs_-qriRSXJJt5IV4A46eXktD9q0wn33Iz3S2i0-nxSFvBjPg==

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 03A8 5 KB
2 KB 62ms
62ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2454
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: zZvsyrPQ5e7bBkpD7pCiRcXAJPBw_jATIR3TIpgsBVl4JMFrFsaECw==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 9608 0
72 B 69ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:19 GMT
content-length: 0
vary: Origin

GET
H2 204 sync
thrtle.com/ Frame 1D26 0
473 B 59ms
59ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 830B 43 B
748 B 67ms
66ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=28734

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:19 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 5
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 1A2C 85 B
482 B 411ms
410ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134908
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: Wu_yOVXN_EZw0UJX_TjJXh7WJT0juIe22scILUPD2NwYP_zacnn23A==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame E2ED 22 KB
12 KB 54ms
47ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33302
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c955cbdd9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame E2ED 6 KB
3 KB 260ms
254ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:31426510&@b3:1705795459&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c82a2aef8b99c770c858139cd5eb9bc064f2bae847aed7fda70537fb06536f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:19 GMT
x-t: 0.242
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tj8RlXQT8kvCoYYdpU3mJiK6qsGia7YSfphRVhyAH2EueYuLVT1Oa9uhQ0Q9P%2FOtnPqrh2tGItdnn2Tifq0RjlL0ECa0ApxfKWyL5yPjVqy7hzVzoOfhwoKymmHCXOGZw6XCYck2GS43Juk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c9558d56dc2-MIA
expires: Sun, 21 Jan 2024 00:04:18 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 03A8 167 B
581 B 71ms
67ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 7D6E 43 B
748 B 68ms
67ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=57165

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:19 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame A0AF 85 B
483 B 67ms
66ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://w1.bungaprediction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134908
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: n1zXOgLv4lPfaHILQuiFO5a7ytLYyhhKOlTbYsSjv2D5k3IKXZPNUg==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame F1D5 43 B
748 B 66ms
65ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=30206

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:19 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 3BF6 85 B
482 B 64ms
63ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134908
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: xPmU765BohWfpOMwbnvsjmU0a-ZRAMsnWE2DSFyXSxuXlau0VjHyzg==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 36DE 0
143 B 80ms
80ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=15113&pu=https://zona-bermain.com/live-sydney/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 27ECF3E2FECD4023A5D54ECE9534CBDF Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXRw+5l6wWAF705PNA==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 405B 0
0 69ms
68ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=55013
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:19 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: 5Uhq0af62H8eq98ihkTF33mtf9iTlQJKNIMd08LJ5zZlFloUqlc_og==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 1A2C 766 B
1 KB 62ms
61ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401264
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 8EsJU3MmjOIyFojZj0K2jccHlUMPj0dY3Otmj5zLVy7VF9McdW-I1w==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame A0AF 766 B
1 KB 61ms
60ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401264
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: OE4O_HzZkGNePk2p60gxfw1PXAqgq00cyOKPBKRYM75xF-YiDbsB6A==

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 3BF6 766 B
1 KB 60ms
60ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401264
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: BF0B8a8EGXdRxaACKI0aL_DoD3OBZYz9az-cwqHb5TzDpOocreZ_mQ==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame E2ED 0
447 B 96ms
94ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
x-t: 9.17
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoqiGjmQO1GX2UGY7Lhf9rzgmFhB%2F6KWUJMSAlW6TeCmmHr3VuKFUY%2BlxPSEb4%2FFMUM9mU8I1HLF5hIN32HNy7wgrX%2FUhRqToI%2F%2FVuN7Ad2ERqEk7bheI2fZUbvGspsCVV%2BlWy3RAtfhIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 848b4c98aefc287a-MIA
expires: Sun, 21 Jan 2024 00:04:51 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame E2ED 33 KB
11 KB 67ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38460
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: PJi4v_6-PDwEwrkDhOxN60zn0GCOnDYJ7cPXWPj9oNkJ3wwUYAkBRQ==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame E2ED 0
341 B 267ms
265ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=10&_ls=13&_cc=us&_pl=d&_b=chrome%40120&_cbid=4yjv&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
x-t: 0.087
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAv40f7v7soNMGpJdL11iMQK42LnitDU9wJjrY5VTqQ28z4dSTGrBvbUmIfYPIkjrsTVqS892m5Byaipt6g82L4tqe3hbrBlGXNyiqxpaVvGDDYg81MfMCESQsGapLvmx4il0WTqWAaoCf0%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c98bc546dc2-MIA
expires: Sun, 21 Jan 2024 00:04:19 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 260ms
258ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 272ms
269ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 275ms
272ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 281ms
279ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 7F9B 24 KB
24 KB 295ms
292ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 298ms
296ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 306ms
304ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 7F9B 25 KB
25 KB 313ms
312ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 7F9B 24 KB
24 KB 319ms
318ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 7F9B 11 KB
5 KB 48ms
46ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39495
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c996bd3d9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame AF1E 10 KB
2 KB 283ms
282ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:20 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H2 204 sync
thrtle.com/ Frame D4AA 0
473 B 60ms
59ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 7F9B 75 KB
76 KB 44ms
43ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52952
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4c998a3b497c-MIA
cdn-requestpullsuccess: True

GET
H3

200

/ Show response
zona-bermain.com/generator-line-angka/ Frame 4A3A
Redirect Chain

https://zona-bermain.com/generator-line-angka
https://zona-bermain.com/generator-line-angka/

96 KB
20 KB

500ms
500ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/generator-line-angka/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

1ddc73e82f33d36d98cf976674cc0cdde63bbaf61a6338ae7ff0739a4c81dac5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/generate-bbfs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:21 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/159>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=159>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:20 GMT
location: https://zona-bermain.com/generator-line-angka/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 03A8 43 B
177 B 69ms
68ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:20 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame E2ED 5 KB
2 KB 64ms
63ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2455
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: yth7gYQNXiGe1ZNMwk-Gx9Wn9S_xL6VQ-Dy3DsgWS0j9R4jakBTl7A==

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 7F9B 436 B
571 B 210ms
69ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20BBFS%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-91797462&@b3:1705795460&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: ee053a27a18fa6026d1dd96aee2dc7763176f9ec05090050148aadf2d607dc7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:20 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 36DE
Redirect Chain

https://um.simpli.fi/lj_match?r=33750
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

67ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:20 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:20 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:20 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 029C 0
72 B 69ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:20 GMT
content-length: 0
vary: Origin

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 7F9B 18 KB
5 KB 255ms
255ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generate-bbfs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame AF1E 15 KB
3 KB 287ms
287ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:20 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 00AF 43 B
748 B 65ms
64ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=12690

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:20 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 5
Content-Type: image/gif

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame E2ED 167 B
580 B 71ms
69ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 7F9B 13 KB
4 KB 48ms
46ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40141
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c9d19a3d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 7F9B 6 KB
3 KB 259ms
258ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20BBFS%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-91797462&@b3:1705795460&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71efc3882e0c113302fd1714b86e2e5337d12adb637094d4dea3b20f1b4f2bf9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
x-t: 0.331
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5baWrm2LFO1lUyi7FYYmDObNmX1I1YF%2BkVYbU4a%2BY4w2WMi9udGoHmJEb977yrVeOS3kaqsCOsJWIf9P1CZIoONDY%2B053hXbOL6GCPEq7alqjvcO8gCzgT3WFiz%2BZNTDlY04pr5i7HZnXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4c9d19116dc2-MIA
expires: Sun, 21 Jan 2024 00:04:19 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 5B64 0
0 75ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=88831
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:20 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: VE7ODB0hpvkc3Df3SUuiOR6Ua-0j7xCNUq4aPtwXW8nIa4Fq-PRPgA==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 7F9B 230 B
529 B 37ms
32ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 7F9B 231 B
530 B 38ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame AF1E 11 KB
4 KB 49ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39495
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4c9ddaa0d9d5-MIA
content-length: 4547

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame AF1E 434 B
569 B 199ms
66ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-107700743&@b3:1705795461&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: ee21798eb15eee2aeea72f3d5bb954ba2d2fbb6b98e0b3a6892ad402bfccb60c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:21 GMT
Connection: close
Content-Length: 434
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 36DE 43 B
748 B 62ms
61ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=69065

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:20 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame BA25 85 B
482 B 61ms
61ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134909
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: 3faRDxzxCMpxMD3_LsBzE3FuRO72a4fyAhhMF4QQtRPAeBBqDVfi5Q==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 27E5 0
72 B 71ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:21 GMT
content-length: 0
vary: Origin

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 00AF 0
142 B 82ms
77ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=90386&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 833A8A8DD92D489792FB524FA4C26FAD Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXSEIFRmyhBoj1fyHQ==

GET
H2 204 sync
thrtle.com/ Frame 830B 0
473 B 63ms
61ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/live-china/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 204 sync
thrtle.com/ Frame 7D6E 0
473 B 63ms
62ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w1.bungaprediction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 204 sync
thrtle.com/ Frame F1D5 0
473 B 60ms
59ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 7F9B 0
441 B 133ms
131ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&r=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
x-t: 4.62
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KlSUb4PEVLdUBeeY4kHvZW%2Fg2KC0NNSvUTFGkeIHq9ZdvYps4C2JsaGZ6vYj4ZwvovB1wlUFvS0AmL3VAB35zZPFQACTZfR7ofJi0hfhMfor3KGKNCCyI9Mr4kf4p%2BJuU2wGixoRh5%2Bxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 848b4c9f9ba5287a-MIA
expires: Sun, 21 Jan 2024 00:04:52 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 7F9B 33 KB
11 KB 68ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38462
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 5nzTxBVAQYTDGvODsXQHMamLaItC8m3ckEMO9hOEfUO0CPqsGj9IWw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 7F9B 0
334 B 130ms
129ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=11&_ls=16&_cc=us&_pl=d&_b=chrome%40120&_cbid=14rs&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-hongkong%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
x-t: 0.134
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGSHLdf8dcujOpyS6qiGRLHF5%2B14MlfF%2FgO7fmAnCdbwLssbvC4G3y5IEla6PYYfPyQFGH5sW%2FaMELLsK%2B2T2iWBJ2Zf7Bnxd9DpiMYRt%2FiByVvc7UxB5E%2B3tFutbcGGLJfbKiKQ5wdOOzY%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4c9f9c4a6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:20 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame AF1E 22 KB
12 KB 70ms
53ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33304
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4ca07e3ed9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame AF1E 6 KB
3 KB 279ms
262ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-107700743&@b3:1705795461&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8de83d25df5be87934ec0a1091c0ab13aedd0c8d0552cbc2e1e3d14ff147ab33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
x-t: 0.211
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVbmpQ%2FtHVnIEyTuMbD2wqNV7dJstJUmHSOM9xG8dCHlvS9zNfTbFSerXrcly3mpxmPuQTIV7A%2BLsT0S9ySanQK8s4hKf8u0c6rDZWnrMVXLqMUngfL4Qr31G%2BOSO4smqz30tygwYZNQO%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4ca06d346dc2-MIA
expires: Sun, 21 Jan 2024 00:04:20 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame BA25 766 B
1 KB 71ms
63ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401266
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: ySD-sxprolDqc9qNH_Tj4aZcUgnCk_kH7-lOa8X8e8as4Zjmsy1H2Q==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame E2ED 43 B
177 B 69ms
68ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:21 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 4A3A 107 KB
13 KB 263ms
255ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 4A3A 227 B
289 B 264ms
256ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 4A3A 2 KB
374 B 263ms
256ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 4A3A 28 KB
8 KB 263ms
256ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 4A3A 3 KB
827 B 265ms
258ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 4A3A 86 KB
29 KB 265ms
258ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 4A3A 13 KB
5 KB 272ms
266ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 4A3A 157 KB
26 KB 39ms
33ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370202
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 4A3A 30 KB
7 KB 47ms
42ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465858
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4ca0dcdc21d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 4A3A 21 KB
8 KB 42ms
36ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041586
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 4A3A 62 KB
16 KB 45ms
39ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489650
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 404 jquery-1.10.2.min.js
zona-bermain.com/js/ Frame 4A3A 0
0 482ms
476ms Script
text/html 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/js/jquery-1.10.2.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
server: LiteSpeed
x-powered-by: PHP/8.2.14
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 4A3A 24 KB
24 KB 284ms
278ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 4A3A 25 KB
25 KB 271ms
264ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 4A3A 25 KB
25 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 4A3A 25 KB
25 KB 263ms
262ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 4A3A 25 KB
25 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 4A3A 25 KB
25 KB 275ms
272ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 4A3A 24 KB
24 KB 281ms
279ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 4A3A 25 KB
25 KB 290ms
288ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 4A3A 25 KB
25 KB 297ms
295ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 4A3A 25 KB
25 KB 303ms
302ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 7F9B 5 KB
2 KB 62ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2456
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: sHoUogFsEZg-ZtljEQ3TqIoUDa4l33lfTR3pGBygcuOVSVDTNTrTDw==

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 4A3A 43 B
182 B 200ms
67ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:21 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 4A3A 3 KB
1 KB 309ms
308ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 4A3A 8 KB
2 KB 264ms
262ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 4A3A 6 KB
2 KB 265ms
262ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 4A3A 112 KB
34 KB 266ms
264ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 4A3A 4 KB
2 KB 274ms
272ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:21 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 03A8 43 B
748 B 67ms
66ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=76340

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:21 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 7
Content-Type: image/gif

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 7F9B 167 B
581 B 67ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame AF1E 0
438 B 83ms
82ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
x-t: 2.32
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6vv%2BxwCUIhDeVWmEr%2Bd44EyEXIHE%2Fa05h8LpzBkmqoMVkNjUYeFWYhz415Gwd7SbA9RoXOGvtUl54BK%2F7Qay%2FRTU9YwcAvw5R3zsznQekgu4ErQeAjyODsI9u46orX2f6gUSYQMrXZYcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 848b4ca2aa19287a-MIA
expires: Sat, 20 Jan 2024 23:40:38 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame AF1E 33 KB
11 KB 68ms
68ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38462
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 2uvlEvk3wVaSOAL3xMJ-kmQeeuPiUlYZCmsX1OtnctDgk7CV6lTK6g==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame AF1E 0
291 B 259ms
259ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=11&_ls=14&_cc=us&_pl=d&_b=chrome%40120&_cbid=16g3&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
x-t: 0.093
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3%2FKOk7X7JZQVy2T6covk%2FDeMKpJa8Ws4T7Hpi6O7paFCGmb%2B9J0j%2FiQdQFwHgyaqdPYctUQBfs44gzfqn1cCQMlMFtTulAnoCqGhPAkE5Zl9%2FOR%2FqZqP%2BxaEu6ayGTd%2BIMmGnsof28vG3E%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4ca2a8ac6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:20 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 00AF
Redirect Chain

https://um.simpli.fi/lj_match?r=92611
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

67ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:21 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:21 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:21 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame AF1E 5 KB
2 KB 61ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2456
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: muDIQPbGMXYBQ4C2UXXy5SLzAaqFgSjP9eAWKRrFPJ0yKMnQrQDJbQ==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame BB20 0
0 72ms
70ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=78975
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:21 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: dXGWFXC8tRuTG9BgRGF5rEOmaNKPhZ_i1wzf50zIf8k8QH3KUL6prA==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame AF1E 167 B
580 B 68ms
68ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 4A3A 11 KB
5 KB 48ms
47ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39496
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4ca42cb8d9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 8410 10 KB
2 KB 285ms
284ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:22 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 4A3A 75 KB
76 KB 41ms
41ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52953
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4ca44b3a497c-MIA
cdn-requestpullsuccess: True

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 9C91 0
72 B 69ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:21 GMT
content-length: 0
vary: Origin

GET
H3

200

/ Show response
zona-bermain.com/kalender-togel/ Frame 6776
Redirect Chain

https://zona-bermain.com/kalender-togel
https://zona-bermain.com/kalender-togel/

101 KB
20 KB

455ms
454ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/kalender-togel/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

7e9bb5e1dd4cc86243a847bd88bc20213c0506815b5e1531f617f63995583ad9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/generator-line-angka/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:22 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/297>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=297>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:22 GMT
location: https://zona-bermain.com/kalender-togel/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 03A8 0
142 B 81ms
80ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=12889&pu=https://zona-bermain.com/jalur-shio/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:20 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C3434DEAEBB44B82B0ACBB3A62AEF70D Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXSRYtOVL9PXId37ZA==

GET
H2 204 sync
thrtle.com/ Frame 36DE 0
473 B 61ms
60ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 4A3A 18 KB
5 KB 256ms
255ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/generator-line-angka/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:22 GMT

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 4A3A 436 B
571 B 204ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20LINE%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:56607991&@b3:1705795462&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: ee053a27a18fa6026d1dd96aee2dc7763176f9ec05090050148aadf2d607dc7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:22 GMT
Connection: close
Content-Length: 436
Content-Type: text/html;charset=UTF-8

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 7F9B 43 B
177 B 67ms
66ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:22 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 00AF 43 B
750 B 292ms
291ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=34850

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 208
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame F189 85 B
483 B 64ms
64ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134911
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: qM3Y8V8335BHxZ4vKDVdBCmjqhedKYRJQzKRN8LX3umYzeKGP2gS1Q==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame F189 766 B
1 KB 63ms
61ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401267
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: tjYF7m9ZpUrfpiU8gzFZjNzzBm9OXpRx1nIByL-SGmheYW_dXTE6VQ==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 8410 15 KB
3 KB 287ms
287ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:22 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 4A3A 13 KB
4 KB 51ms
49ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40143
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4ca73958d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 4A3A 6 KB
3 KB 267ms
265ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mGENERATOR%20LINE%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:56607991&@b3:1705795462&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aa107e1e77aa0258a32c782575d12d42e91aa392d3c73af25f90ef9ca4d0dd1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
x-t: 0.223
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHkbpsQ8AUVHsWwVScuY6wbomd3fXuztJxbtQhWWk3jRIDpPJCZCo6ZKJSe3A4Yr9TPQQj8vW4ocmk%2FgcC9daGVHbWrPUuSzvdevjh6xBgBKXLhdVw%2BLHywMqTiFje8xKf8cluxSYBZyDr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4ca73e316dc2-MIA
expires: Sun, 21 Jan 2024 00:04:21 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame E2ED 43 B
748 B 69ms
68ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=19591

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 6
Content-Type: image/gif

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 4A3A 230 B
529 B 41ms
39ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 4A3A 231 B
530 B 41ms
39ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 59DF 0
72 B 75ms
75ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:22 GMT
content-length: 0
vary: Origin

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 03A8
Redirect Chain

https://um.simpli.fi/lj_match?r=38145
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

75ms
75ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:22 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:22 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:22 GMT

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame AF1E 43 B
177 B 70ms
69ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:22 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 8410 11 KB
5 KB 49ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39497
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4ca95c61d9d5-MIA
content-length: 4547

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame F3C9 0
0 70ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=93754
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:22 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: 5hnTn9z-AM7qmeza27Y3-xK9IrlkuqzUpzkyFkJGoHUwVZ-Mf82hbQ==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 4A3A 0
581 B 79ms
77ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&r=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
x-t: 0.97
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzk0cDnTrpeMQ1sjO3%2FaCZjaoq1jZ7zJlST71tJgjo4sE3zefLoM0XMgpG2l%2BuJrvoW%2Bg3B%2FQEAVSS3jQZq8VOX%2FngDOjzSSPMbNfk9W2Er7Qa%2B0RTRNTg%2BMlB9GPmCX87a5K0%2Flk050sA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 848b4ca97eb5287a-MIA
expires: Sat, 20 Jan 2024 23:10:34 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 4A3A 33 KB
11 KB 68ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38463
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: Vf7sk6ZC485TmNTlacQTz9P5AFTPSli32FQIzJITfqXKmN6L64fvFw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 4A3A 0
380 B 263ms
263ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=12&_ls=18&_cc=us&_pl=d&_b=chrome%40120&_cbid=3ksi&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerate-bbfs%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
x-t: 0.095
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6idozyGHC3w%2FoXcLGlcsXQEdIvgBqGcRfz5Cupe73QcsQMRUN5bd43XbDvucOSj3ovaFNIbkkaGDcCi8uIVfp3f0f9iizamKtPiQ5rSkMXox3y%2F2VZV4u58j%2Brq3Doewx1eq%2BRHHGoHf1g%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4ca9892e6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:21 GMT

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 8410 435 B
570 B 199ms
66ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:186228835&@b3:1705795463&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 5a300278c9b15294d6a4e0a354c1d766fa1482ea44899238d9bbb55c533013d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:22 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 4A3A 5 KB
2 KB 62ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2457
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: LCKQjKBNzVe8p2pCHzUndWDQWq50fbo9SF5JnOKTtxxsSV-aALKzKg==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame E2ED 0
141 B 83ms
73ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=84091&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:21 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 1ADE1B8967F149D0BB44A91D67D5C860 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXSf9R2e3wKGANeO7w==

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 6776 107 KB
13 KB 259ms
255ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:22 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 6776 227 B
271 B 264ms
260ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:22 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 6776 2 KB
374 B 264ms
261ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:22 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 6776 28 KB
8 KB 264ms
261ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:22 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 6776 3 KB
827 B 269ms
265ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:22 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 6776 86 KB
29 KB 270ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:22 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 6776 13 KB
5 KB 273ms
269ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:22 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 6776 157 KB
26 KB 38ms
34ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370204
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 6776 30 KB
7 KB 44ms
41ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465859
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4caafa4921d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 6776 21 KB
8 KB 40ms
37ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041588
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 6776 62 KB
16 KB 38ms
36ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:22 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489652
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 204 sync
thrtle.com/ Frame 00AF 0
473 B 60ms
59ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/jalur-shio/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H3 200 7.png
zona-bermain.com/script/ Frame 6776 24 KB
25 KB 257ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 6776 25 KB
25 KB 264ms
261ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 6776 25 KB
25 KB 264ms
262ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 6776 25 KB
25 KB 267ms
266ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 6776 25 KB
25 KB 265ms
258ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 6776 25 KB
25 KB 287ms
281ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 6776 24 KB
24 KB 296ms
290ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 6776 25 KB
25 KB 300ms
294ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 6776 25 KB
25 KB 304ms
299ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 6776 25 KB
25 KB 313ms
307ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 4A3A 167 B
581 B 66ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 6776 43 B
182 B 210ms
74ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:23 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 6776 3 KB
1 KB 315ms
310ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 6776 8 KB
2 KB 271ms
264ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 6776 6 KB
2 KB 273ms
267ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 6776 112 KB
34 KB 274ms
268ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 6776 4 KB
2 KB 286ms
280ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 8410 22 KB
12 KB 47ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33305
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cabaf63d9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 8410 7 KB
3 KB 265ms
263ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:186228835&@b3:1705795463&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74dec684ec726efc2a8cce698050eb6533b349c81d5a5ca266db974c75178c5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
x-t: 0.203
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vio1p5%2F1tw5wx%2FZlhkqOnnsQB10T%2FkhJNf9QELApY5x61%2FlRzZMhRd0dInPKjvXl86Me8OyYFkYEe0YxVftL5tP3yOqAtA7%2FNHoYx3tQC1qOr%2FP07rPIkfK3tblxcLs5LfvMSYAiU5pHjBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4cababcb6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:22 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 03A8 43 B
748 B 116ms
115ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=90304

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:22 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 5335 85 B
481 B 113ms
112ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134912
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: 4E96x4xo0Elib6OqfH5121vFQ7Xn3HiYJTVMMey8aF7OR8k6hfQosA==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 4B24 0
0 80ms
68ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=16557
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:23 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: ZO_zUOf7Ecg4U__jpuJWZwedH1TGNxggSDdPAuBPLUOYU_y3ozUP6Q==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 5335 766 B
1 KB 64ms
55ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401268
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: qjD67QKU_90aCUNFiYeIuDNZlJp6MWwvQcMw-kZ5aBPCwkDgS9W12g==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 7F9B 43 B
748 B 62ms
61ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=25278

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:23 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6776 11 KB
5 KB 55ms
50ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39498
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cad79ded9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame C4BD 10 KB
2 KB 299ms
282ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:23 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 6776 75 KB
76 KB 41ms
41ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52955
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4cad880a497c-MIA
cdn-requestpullsuccess: True

GET
H3

200

/ Show response
zona-bermain.com/paito-warna-taiwan/ Frame 6014
Redirect Chain

https://zona-bermain.com/paito-warna-taiwan
https://zona-bermain.com/paito-warna-taiwan/

265 KB
34 KB

545ms
544ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/paito-warna-taiwan/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

e49776ceeb988f46bfaccae155fa7e79b479aa6d7fffd408ddb22ad69e88a4e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/kalender-togel/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:24 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/105>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=105>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:23 GMT
location: https://zona-bermain.com/paito-warna-taiwan/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 8410 0
461 B 85ms
83ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
x-t: 1.21
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqCoww48ED8ZAA9%2FZmrNqzs3T4oPmcINiyMrvfOdvoAYgwxOh7TbrTyzD5ZiHb1fI7Gv1RuuSu7vyogF%2F8zMTX9lXjoRwvpkseMEvTX21wOwb6I3vXCzDVyf0W%2FqiSO%2FEtENcxUnMkhk%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web16.ny1.dtscdn.com
cf-ray: 848b4cadfe56287a-MIA
expires: Sun, 21 Jan 2024 00:02:10 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 8410 33 KB
11 KB 79ms
78ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38464
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: J1VQIDVfCDsB42wuDXsT6aSkDuttHNZyuaUKBErm3R07Oj3dxTELSw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 8410 0
285 B 261ms
259ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=12&_ls=16&_cc=us&_pl=d&_b=chrome%40120&_cbid=3e54&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
x-t: 0.09
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scw8Ihd4b0pi7qLTUy0%2FjWRKwicunv9fGp5DDGFzeBqyP02ZTbd5hqJgV9%2B%2BGM2gkGpez8w5YzJkex7UlmFhUc1KJN8e%2FpcS11%2FYY9U6fOB32JQUm1zCyMnPLmvKHc1mB7UbSR8og76Taiw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4cadfe996dc2-MIA
expires: Sun, 21 Jan 2024 00:04:22 GMT

GET
H2 200 / Show response
dtsedge.com/ping/ Frame 8410 0
308 B 83ms
82ms Script
application/javascript 2606:4700:3033::6815:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtsedge.com/ping/?t=300&d=kaptenoleng.com
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
x-t: 0.58
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=482YwkGQwXiE09Cl4k2Z7L5v5ms5Cwl9FfGA7fk0VU0re%2BkKkrpkIHN3UqmynZ2A06OqCe2veN%2FxLl4%2BllyGkkY7E0yliKBMyWnnMPQvHIX2qdqaRyCsVDcDXQeUrC0%2FLqgqdb3gnjnVCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 848b4cadf8f5da87-MIA
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame E2ED
Redirect Chain

https://um.simpli.fi/lj_match?r=89416
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

67ms
67ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:23 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:23 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:23 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 4693 0
72 B 70ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:23 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 6776 437 B
572 B 205ms
66ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mKALENDER%20TOGEL%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-152731529&@b3:1705795463&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 04a3d1e42bc1dc4e5275763df433d5fb32777368a1efabdb654b55a35102c7f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:23 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 8410 5 KB
2 KB 72ms
62ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2458
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: i7wdhoQD2WNajJP8RCGKcGdrACYzMkF8RYZP8CDsRbWL6ZCA6EYzHg==

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 8410 167 B
580 B 74ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 6776 18 KB
5 KB 262ms
257ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/kalender-togel/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame AF1E 43 B
748 B 67ms
66ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=78864

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:23 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 6
Content-Type: image/gif

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 4A3A 43 B
177 B 72ms
72ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:23 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 7F9B 0
141 B 77ms
77ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=46807&pu=https://zona-bermain.com/paito-warna-hongkong/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A5634F56E3974A5F91836C52CD772703 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXSth38NdAb4wp0g8w==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame C4BD 15 KB
3 KB 287ms
287ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:23 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 6776 13 KB
4 KB 51ms
49ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40144
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cb0fe27d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6776 6 KB
3 KB 262ms
261ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mKALENDER%20TOGEL%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-152731529&@b3:1705795463&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 045eab8b5112ec3f5ea5aaee26f98fae232ccd3cd5e2d07ef75b45375b085604

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
x-t: 0.206
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWg5npVSQnDG8zpwPhEMIJMk5VIfRPUcHWZCfpnAz8RuldlaPYzcmH8TeleFBBEeiVkuJts4EkPwH8sPv%2Fu%2Bo0nvh97z6q8jIVVrW5jjZzpTD315x5okGcbJ0TzomHf%2FhFSu6Ue32oBTNHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4cb0fa886dc2-MIA
expires: Sun, 21 Jan 2024 00:04:23 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame E2ED 43 B
748 B 63ms
63ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=29598

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:23 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 83B4 85 B
483 B 61ms
60ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134913
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: 8zNyyPQP8hT2fMfciJ-EVGyfXWU74zl-FSqGIItYEGInkv0jIKehNw==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 6776 230 B
529 B 33ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 sync
thrtle.com/ Frame 03A8 0
474 B 61ms
60ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame C491 0
72 B 69ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:24 GMT
content-length: 0
vary: Origin

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame C4BD 11 KB
5 KB 45ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39499
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cb2f8a9d9d5-MIA
content-length: 4547

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 83B4 766 B
1 KB 63ms
61ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401269
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: brJCRGGkroYLoVsk4EaszDPZKzqoADN-CzxwiJ8SKpVq2lZBIXHlXw==

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame AF1E 0
142 B 92ms
92ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=2090&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:23 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D67294E2727C45E8A84D1390A122E2C9 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXS1VKVxgj+5FE9pxw==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6776 0
469 B 90ms
90ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F&r=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
x-t: 4.46
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWJIXGfYydlExUpm4DcN9EDqouJK2eFeNz6ddD%2B%2BDeu79bVSRS%2BVW%2FQqSkJvGsmN%2FdJGdBFNYRmroxRrbG%2FGySUQpNi5AOD%2B5BVHEnzTE%2BT3CRBFcVPY55GKRwZJOCnU8v1nmQANXoGUng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 848b4cb3b9de287a-MIA
expires: Sun, 21 Jan 2024 00:04:55 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6776 33 KB
11 KB 66ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38465
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: YKAXdX9twNJM8Ydljky0C3NFSXOQHuKY3c2DBfWqZWRrZJNd5EA9GA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 6776 0
288 B 256ms
256ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=13&_ls=19&_cc=us&_pl=d&_b=chrome%40120&_cbid=2vh4&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F&j=https%3A%2F%2Fzona-bermain.com%2Fgenerator-line-angka%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
x-t: 0.104
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHHW8lBdRF7mrFM0%2FI41xRbAu0ahviOQb7yAjFTDqBwMA5UtmFv%2ByJalF2wVZ8%2FNMSzMWInXEw4%2FH3t9FWPfaiNMIDM4JzmmldybOWOBmaCfpKevW6RTvN6oMcpxcPGgE%2FXZ3KATUoh8yOw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4cb3ce646dc2-MIA
expires: Sun, 21 Jan 2024 00:04:23 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame C2AB 0
0 73ms
72ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=38280
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:24 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: ZmcEeHboTW-YwQN7oVt14Xw44Rg7fMfqgsmsAi2yySpIl6iWgxMXkQ==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 8410 43 B
177 B 78ms
78ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:24 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 7F9B
Redirect Chain

https://um.simpli.fi/lj_match?r=46290
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

71ms
70ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:24 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:24 GMT

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame C4BD 435 B
570 B 202ms
67ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-155599773&@b3:1705795464&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 5a300278c9b15294d6a4e0a354c1d766fa1482ea44899238d9bbb55c533013d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:24 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 6776 5 KB
2 KB 66ms
65ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2459
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: t32NeJdzTUDJI2SwlOH10ZE0K86_HRVvuvj5sWes8qb2yhaMauznkw==

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame C4BD 22 KB
12 KB 52ms
47ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33307
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cb62d66d9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame C4BD 6 KB
3 KB 259ms
256ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-155599773&@b3:1705795464&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d1987f6cb1c813254f9986d2b0674990cb6696dfb325187220545f67579afd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
x-t: 0.212
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYS4r4SGhDgbYvsiQDjhIhrofuDsUGCZFVoMy0NHoEpK4euhCFYxRdpXMfodbUIhxt67PfYmxipVoyc1RVyMGTRJxxK2bvOOqQynuLCeB6Vehbe90gyrZ3%2FuqfA8KZOC092t5hZAaBsQwUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4cb629616dc2-MIA
expires: Sun, 21 Jan 2024 00:04:23 GMT

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 6014 107 KB
13 KB 258ms
256ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 6014 227 B
271 B 263ms
260ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 6014 2 KB
374 B 264ms
261ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 6014 28 KB
8 KB 264ms
261ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 6014 3 KB
827 B 273ms
270ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 6014 86 KB
29 KB 273ms
271ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 6014 13 KB
5 KB 274ms
272ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 6014 157 KB
26 KB 36ms
34ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370206
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 6014 30 KB
7 KB 44ms
42ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465861
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4cb6396721d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 6014 21 KB
8 KB 38ms
36ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041589
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 6014 62 KB
16 KB 38ms
37ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489654
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 6776 167 B
581 B 66ms
65ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 6014 95 KB
32 KB 268ms
261ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32851
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 table.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 6014 2 KB
778 B 271ms
267ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 755
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 warna.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 6014 13 KB
3 KB 271ms
268ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3215
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 6014 24 KB
24 KB 277ms
274ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 6014 25 KB
25 KB 279ms
277ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:24 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 6014 25 KB
25 KB 263ms
256ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 6014 25 KB
25 KB 273ms
267ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 6014 25 KB
25 KB 277ms
270ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 6014 25 KB
25 KB 293ms
288ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 6014 24 KB
24 KB 301ms
296ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 6014 25 KB
25 KB 306ms
302ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 6014 25 KB
25 KB 314ms
309ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 6014 25 KB
25 KB 318ms
314ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame AF1E
Redirect Chain

https://um.simpli.fi/lj_match?r=40868
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

66ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:24 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:24 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 6014 43 B
182 B 203ms
67ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:25 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 6014 3 KB
1 KB 325ms
322ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 6014 8 KB
2 KB 287ms
280ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 6014 6 KB
2 KB 289ms
283ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 6014 112 KB
34 KB 289ms
283ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 6014 4 KB
2 KB 292ms
287ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 4A3A 43 B
748 B 69ms
65ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=42562

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:24 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 998B 0
0 73ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=93542
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:24 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: -Mt-N2P5PkddPqvy1a8riJ9hNIzY4Ax_n8GuoIMXlVHQxLKnUDIvMA==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 7F9B 43 B
748 B 66ms
63ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=99906

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:24 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame B331 85 B
481 B 64ms
60ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134913
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: cL9BphHLN8rcGWkDbdnjD16Yeh31svib20faodhrb_BR3G3JbyHzKg==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame B331 766 B
1 KB 64ms
62ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401269
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 23Y608CryT4kzbol5CTWuR4ltC6If6whRLDFqKYYvhfHhp5kIEujVQ==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 5945 0
72 B 68ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:24 GMT
content-length: 0
vary: Origin

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame C4BD 0
440 B 82ms
81ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
x-t: 0.94
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLNQBiYP8gWWEQTx7lkr1uHdjYHG1tjKKgQpItGyCkmqV4kOL7l%2Fjf%2FYErN9ZxDCduJWEkSxFQazxA3co9t3LLB56TR9k35Xr3ZuCU0d0NF2O9%2FIDCGHa5h80VSOum2GeGiA6a4GRP2TeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 848b4cb82abf287a-MIA
expires: Sat, 20 Jan 2024 23:40:42 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame C4BD 33 KB
11 KB 66ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38466
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: qH5uA1mHLp7F3VwF13H3URt_QdwRMZR5dvXwaR7gNH6Pdf8reoibKg==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame C4BD 0
324 B 267ms
267ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=13&_ls=18&_cc=us&_pl=d&_b=chrome%40120&_cbid=1tv2&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
x-t: 0.09
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7IV8jfsaVo4LIgca%2Buk0YeM21ynvHsq58bKEGlug2amZiJBCN0PVTVgzYCuafkUBDe88aVTMgChJSKjTtptMEfmLOQp6SQLyIfRwvj9jPhI3XkDyfCz8BLt%2F68%2FglnGDTuQEEvHhK34tNQ%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4cb83c576dc2-MIA
expires: Sun, 21 Jan 2024 00:04:24 GMT

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame C4BD 5 KB
2 KB 62ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2460
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 9-mjA41vn_9i_IaB-EVeLPuRoTx-Ej-iI6vt8Ej_P5_lFI56VJ1WvQ==

GET
H2 204 sync
thrtle.com/ Frame E2ED 0
473 B 63ms
61ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-hongkong/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 6014 75 KB
76 KB 42ms
41ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52957
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4cb958b9497c-MIA
cdn-requestpullsuccess: True

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 6014 11 KB
5 KB 47ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39500
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cb979bad9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 5F0E 10 KB
2 KB 281ms
280ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:25 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3

200

/ Show response
zona-bermain.com/paito-warna-japan/ Frame 9B99
Redirect Chain

https://zona-bermain.com/paito-warna-japan
https://zona-bermain.com/paito-warna-japan/

266 KB
34 KB

518ms
518ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/paito-warna-japan/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

01b6b65c35701f5ef935db0bb1b78b61f26b0b2bace232c1d340949b032daf76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/paito-warna-taiwan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:26 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/101>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=101>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:25 GMT
location: https://zona-bermain.com/paito-warna-japan/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame C4BD 167 B
580 B 70ms
69ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame AF1E 43 B
748 B 64ms
61ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=61403

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:25 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 96DF 85 B
482 B 61ms
60ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134914
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: -GFALI2z8QushnSu5z153GqmP12Qc-2ZXTFjiu0Ksq0GURjbEizRSQ==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 4A3A 0
141 B 88ms
86ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=85364&pu=https://zona-bermain.com/generate-bbfs/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B861F4930DF341F6830A20484E361A27 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXTHhBjzwPIQUSedNw==

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 8410 43 B
749 B 76ms
75ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=98742

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:25 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 10
Content-Type: image/gif

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 6776 43 B
177 B 69ms
68ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:25 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 6014 18 KB
5 KB 256ms
255ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-taiwan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 96DF 766 B
1 KB 63ms
62ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401270
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: Zgk6mn8yIQ9QEsZJgxkvrqpjzM57AoVGGVhW1OmrPfeT8oqQbDdUqQ==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 1D26 0
72 B 69ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:25 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 6014 437 B
572 B 207ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20TAIWAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:34620078&@b3:1705795466&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 04a3d1e42bc1dc4e5275763df433d5fb32777368a1efabdb654b55a35102c7f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:25 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 5F0E 15 KB
3 KB 288ms
287ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:25 GMT

GET
H2 204 sync
thrtle.com/ Frame 7F9B 0
473 B 60ms
60ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 6014 230 B
529 B 35ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 6014 231 B
530 B 35ms
34ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 4A3A
Redirect Chain

https://um.simpli.fi/lj_match?r=82778
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

74ms
73ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:26 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:25 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:25 GMT

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 8410 0
141 B 76ms
75ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=79682&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:25 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: F1E096DF06664EE6A9EA025C4F004291 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXTPfNPyc6wfhB6J/Q==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame FC58 0
0 119ms
119ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=36268
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:26 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: SY7ZmFJd0ohNLnQEo0yUkFvRS2QGx9TWN4OdLSaVlh3Iimc2GTwykQ==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 6014 13 KB
4 KB 68ms
67ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40147
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cbea991d9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 6014 6 KB
3 KB 264ms
263ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20TAIWAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:34620078&@b3:1705795466&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12332e20f7248d86b09484f91fb5f0d559e8be666af936a6083c60c570af6401

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
x-t: 0.236
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6DSkJ1PuvTmBGkfN%2BEuWEYCmPlOKGdwvZs4hMemEayujZ3ZD%2BQExnnLRavmH2rodfYfUkDB2wUVhByVDC9aRUlNfQLgTOH7GQftsfNlfya5%2FiMmCpK771WG%2F%2FIib6vyZGb4Fca8M55nerQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4cbeaca06dc2-MIA
expires: Sun, 21 Jan 2024 00:04:25 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 5F0E 11 KB
5 KB 44ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39501
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cbf5ad6d9d5-MIA
content-length: 4547

GET
H2 200 livesydney2.php Show response
opesia.vip/iframe-live/livesydney2.php/ Frame 5162 3 KB
1 KB 442ms
441ms XHR
text/html 2606:4700:3036::6815:5f47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://opesia.vip/iframe-live/livesydney2.php/livesydney2.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:5f47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28dbb8fadd06f596bb80ad03c70f1c80f2b16a9fd0b2ad17414335a16b525cd7

Request headers

Accept: text/html, */*; q=0.01
Referer: https://opesia.vip/iframe-live/livesydney2.php/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsVjTLHvA3r5CWIrF3KEIi6lp4qXzJQ%2BsACvY%2FOCaU3RyRl2NxWMIOHi8aP41gfOpwLGplo0XHvCkPC5y8AiG1kaLLarISfZgBZSFFGDZN6GybNMnGm%2BtUrDf1QtMRwnEnmXaZ%2Fbo29T"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 848b4cc01d66daa3-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame C4BD 43 B
177 B 67ms
66ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:26 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 6014 0
455 B 86ms
83ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&r=https%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
x-t: 0.89
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDn9AH1tCHUp119yvUZbnIcvw6IFJw%2FSjTKbhA4ndjNe0ORMiIqjvdWAr1Omfha7ZYdb4iRu5K9thAkLU7fGA1ZRwz54FcbsOQK%2BAG7WhjE29DklbnIRDirwFsWl5wMD2bgUgEa2xVSVaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 848b4cc1395f287a-MIA
expires: Sat, 20 Jan 2024 21:44:16 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 6014 33 KB
11 KB 70ms
68ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38467
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: xtB3OGFZXZxvlwpNPPvL4fKAV43ciYXH5vK49injbvA6-M4BE1cEYA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 6014 0
308 B 261ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=14&_ls=22&_cc=us&_pl=d&_b=chrome%40120&_cbid=78rc&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fkalender-togel%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
x-t: 0.087
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGEBWL%2BhIkPeP2GnS1B2jSdUI61olOTGhULqpkegfrHenha%2BSDtKQK2vCN8P2xBeYKzwM7Cq25L44A0A%2BU1rX18Ig3eONAl4s8stO8DhU5Z%2B9skP2PLTcBWe3Fl%2Bb4O7T1Mtug6IsUfWbWg%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4cc138116dc2-MIA
expires: Sun, 21 Jan 2024 00:04:25 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame D4AA 0
72 B 71ms
70ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:26 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 5F0E 435 B
570 B 213ms
69ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-182745020&@b3:1705795466&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 5a300278c9b15294d6a4e0a354c1d766fa1482ea44899238d9bbb55c533013d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:26 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 830B 0
72 B 68ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://w1.bungaprediction.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:26 GMT
content-length: 0
vary: Origin

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 9B99 107 KB
13 KB 260ms
259ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 9B99 227 B
271 B 262ms
260ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 9B99 2 KB
374 B 263ms
260ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 9B99 28 KB
8 KB 263ms
261ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 9B99 3 KB
827 B 265ms
263ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 9B99 86 KB
29 KB 265ms
263ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 9B99 13 KB
5 KB 280ms
278ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 9B99 157 KB
26 KB 38ms
36ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370208
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 9B99 30 KB
7 KB 42ms
41ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465863
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4cc1c92a21d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 9B99 21 KB
8 KB 40ms
39ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041591
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 9B99 62 KB
16 KB 38ms
37ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:26 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489656
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 4A3A 43 B
748 B 64ms
64ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=95093

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:26 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame B1CC 85 B
482 B 63ms
62ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134915
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: kd-uGhMkeEm8XNfun2uX0mSWMHmPgO2J60OCokktn7r5vrbTofEHBw==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 8410
Redirect Chain

https://um.simpli.fi/lj_match?r=55239
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

67ms
67ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:26 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:26 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:26 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 6776 43 B
748 B 68ms
67ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=15559

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:26 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 8
Content-Type: image/gif

GET
H2 204 sync
thrtle.com/ Frame AF1E 0
473 B 61ms
59ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generate-bbfs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 6014 5 KB
2 KB 62ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2461
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: lclfvDyZ6zt9bqo1DYWi_EQbOMspckQgVn41xdLQZQGSXKEYYb2Inw==

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 9B99 95 KB
32 KB 260ms
258ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/jquery.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32851
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 table.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 9B99 2 KB
778 B 267ms
265ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/table.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 755
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 warna.js Show response
zona-bermain.com/wp-content/themes/asteroid/assets/js/ Frame 9B99 13 KB
3 KB 268ms
266ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/assets/js/warna.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 12:38:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3215
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 9B99 24 KB
24 KB 271ms
269ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 9B99 25 KB
25 KB 274ms
273ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 9B99 25 KB
25 KB 257ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 9B99 25 KB
25 KB 265ms
261ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 9B99 25 KB
25 KB 273ms
269ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 9B99 25 KB
25 KB 302ms
298ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 9B99 24 KB
24 KB 302ms
299ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 9B99 25 KB
25 KB 304ms
301ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 9B99 25 KB
25 KB 308ms
305ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 9B99 25 KB
25 KB 314ms
312ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 9B99 43 B
182 B 207ms
68ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:27 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 9B99 3 KB
1 KB 321ms
319ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9B99 8 KB
2 KB 279ms
275ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9B99 6 KB
2 KB 289ms
285ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9B99 112 KB
34 KB 301ms
297ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 9B99 4 KB
2 KB 302ms
298ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:26 GMT

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame B1CC 766 B
1 KB 64ms
63ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401271
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 6j8UYNHnK14mlOIMOIBAyUWVr8XWZHMNku11U19g2_-HK6eAotj9CA==

GET
H2 200 jquery-3.1.1.js Show response
code.jquery.com/ Frame 5162 261 KB
77 KB 39ms
36ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.js
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d7a71d3dd740e95755227ba6446a3a21b8af6c4444f29ec2411dc7cd306e10b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://opesia.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1523693
x-cache: HIT, HIT
content-length: 78665
x-served-by: cache-lga21952-LGA, cache-mia-kmia1760043-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1705795467.723484,VS0,VE0
etag: W/"28feccc0-413ba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 11, 2

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 6014 167 B
581 B 69ms
68ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 5F0E 22 KB
12 KB 49ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33309
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cc3686dd9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 5F0E 6 KB
3 KB 259ms
254ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:-182745020&@b3:1705795466&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c9167e826f66ca8b7d386d5769af94766c105a165c2ac2b2eb1a9f6161ae7c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:27 GMT
x-t: 0.204
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVBtRZ8mga5gFTLILZrDN2X7NkotD6TFdGtjFNe7Or1mJSjM6iT8vbHuj%2BJ1KI2hNiNx9l9SVuowWImcjcksLS7o2ggmVTRe3HaENIWfHJaoK%2FdeBg4JBovbh49JoU2NPNjj4JOOPoqBIG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4cc36af46dc2-MIA
expires: Sun, 21 Jan 2024 00:04:25 GMT

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 2C43 0
0 69ms
68ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=14099
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:26 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: wryMwrJ7EljGsM9oI26jTOAI80HrFQYtFcERSIJtaxY0lNTDfti2Zg==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 7D6E 0
72 B 69ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://w1.bungaprediction.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:26 GMT
content-length: 0
vary: Origin

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 9B99 11 KB
5 KB 45ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39502
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cc52accd9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 4036 10 KB
2 KB 281ms
281ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:27 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 9B99 75 KB
76 KB 65ms
64ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52959
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4cc558f0497c-MIA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 8410 43 B
748 B 76ms
60ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=9845

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:27 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 2
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 0A2F 85 B
482 B 86ms
63ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134916
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: 9GfQmyWvhXOojbDEiUrqn53_qf4D_MCsj7tTqQ0Ap2IOvW97qD7K_Q==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 6776 0
142 B 97ms
73ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=68986&pu=https://zona-bermain.com/generator-line-angka/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:26 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C9CB59A972084791A9B54BCD92DBAAF8 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXThhJyIOSIcyvcTSw==

GET
H3

200

/ Show response
zona-bermain.com/rekap-angka-ct/ Frame 9759
Redirect Chain

https://zona-bermain.com/rekap-angka-ct
https://zona-bermain.com/rekap-angka-ct/

96 KB
20 KB

522ms
521ms

Document
text/html

172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/rekap-angka-ct/

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed / PHP/8.2.14

Resource Hash

1c1192232e4efa5b830ac6bf61c5e57575c5135e40185aea78a2b0354e0323fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

Referer: https://zona-bermain.com/paito-warna-japan/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:28 GMT
link: <https://zona-bermain.com/wp-json/>; rel="https://api.w.org/" <https://zona-bermain.com/wp-json/wp/v2/posts/189>; rel="alternate"; type="application/json" <https://zona-bermain.com/?p=189>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14

Redirect headers

content-encoding: br
content-length: 11
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:27 GMT
location: https://zona-bermain.com/rekap-angka-ct/
server: LiteSpeed
vary: Accept-Encoding
x-pingback: https://zona-bermain.com/xmlrpc.php
x-powered-by: PHP/8.2.14
x-redirect-by: WordPress

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 5F0E 0
576 B 83ms
81ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:27 GMT
x-t: 1.19
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SJF1IZxDdORXejbkpfNegVplUBRez%2FzxgE4%2BSp6gCiCedSu5oPvDHuPUBJMgx4wxvUAoJ1yZ3lnoppvewOeL2tXuaMkV466%2BXSl%2FQ58ggl5gxL9mp6qBTYpXNQm18v7Ahfy1uHR6NBpoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web13.ny1.dtscdn.com
cf-ray: 848b4cc61a5c287a-MIA
expires: Sat, 20 Jan 2024 23:40:44 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 5F0E 33 KB
11 KB 71ms
69ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38468
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: AwO_ynQ0c6s8BoGq8HGUZNUNSDuz1xo_g2o3_mcn_uXy7kkCwV7YFA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 5F0E 0
310 B 260ms
259ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=14&_ls=20&_cc=us&_pl=d&_b=chrome%40120&_cbid=6u2p&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:27 GMT
x-t: 0.112
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhjFVIaGA7QMEV%2Bqn%2F27Jbf0vebeTgqztuXvEnTzZjDyia5cNv2utfHW%2FFcv%2BllW%2FerFj9D4DgeWiHnx5TdDheX6Ce5A7a6gLZV9UfUPsPzWjFHI8HKFg06seLV8ZTxLAgyeW2QTFHNUJHA%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4cc61e406dc2-MIA
expires: Sun, 21 Jan 2024 00:04:26 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame F1D5 0
72 B 70ms
69ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:27 GMT
content-length: 0
vary: Origin

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 9B99 437 B
572 B 203ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20JAPAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-149797139&@b3:1705795467&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-japan%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: 04a3d1e42bc1dc4e5275763df433d5fb32777368a1efabdb654b55a35102c7f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:27 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 0A2F 766 B
1 KB 66ms
65ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401272
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: sXm04PtBueUObA-yCtQw1n5Bky_7Zo-TPNldctxPuTns1wRGvmG3Sg==

GET
H3 200 wp-emoji-release.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 9B99 18 KB
5 KB 256ms
256ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/paito-warna-japan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:27 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 01 Feb 2023 22:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Sun, 28 Jan 2024 00:04:27 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame C4BD 43 B
748 B 70ms
69ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=37434

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:27 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 9
Content-Type: image/gif

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 6014 43 B
177 B 69ms
68ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:27 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 5F0E 5 KB
2 KB 61ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2462
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 1Bhr0jnowv1n6hw0QIxU8PN4uNQ0NvOWbOSn2wwM0QUpIDY5Dsnkxg==

GET
H3 200 bbjs.js Show response
bungaprediction.top/ Frame 4036 15 KB
3 KB 288ms
286ms Script
application/javascript 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://bungaprediction.top/bbjs.js

Requested by

Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed /

Resource Hash

4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 16:00:46 GMT
server: LiteSpeed
content-security-policy: frame-ancestors 'self' *
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 3247
expires: Sun, 28 Jan 2024 00:04:27 GMT

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 6776
Redirect Chain

https://um.simpli.fi/lj_match?r=92049
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

69ms
66ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:27 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:27 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:27 GMT

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 9B99 13 KB
4 KB 64ms
63ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40148
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cc92fbdd9d5-MIA
content-length: 4509

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 9B99 6 KB
3 KB 260ms
260ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mPAITO%20WARNA%20JAPAN%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-149797139&@b3:1705795467&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-japan%2F&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a4053bc97fcac5baff9a36621288588cdfe90c71851b5ddadc695d8f2e134b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:27 GMT
x-t: 0.201
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUrDlUMegXLBiAjXrV59zRN4kQSPqk7vRfr%2FJWZ%2FhpB%2FWYXsyb3hjx5heSXsZSm6HvQpk5KK%2BXvuTzhqLm0%2B7fTnyvDljpXaBlw498yu16YPQfy7pskrGoas0e8V1gROmp0MAIgbxz%2BhOs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4cc92aa96dc2-MIA
expires: Sun, 21 Jan 2024 00:04:26 GMT

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 5F0E 167 B
580 B 73ms
72ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H2 204 sync
thrtle.com/ Frame 4A3A 0
473 B 62ms
61ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:27 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H3 200 25c0.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 9B99 230 B
529 B 43ms
32ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25c0.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 230
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 25b6.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 9B99 231 B
530 B 44ms
33ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/25b6.svg

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-japan/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc: HIT mia 1
date: Sun, 21 Jan 2024 00:04:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 231
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 4036 11 KB
4 KB 46ms
46ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: kaptenoleng.com
URL: https://kaptenoleng.com/poltar.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39502
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4ccaa9c4d9d5-MIA
content-length: 4547

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 9B99 0
440 B 93ms
92ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-japan%2F&r=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
x-t: 12.36
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hb96YM7vJLpE4fySaRSzTnA8V9uM1TaNJQZOy9wGwvYe%2B7yEqIQFlpJkUdVyPqzEEVCyvsW3ZSjsRySze6Og1jGrteJ0GmOmTpcuGxZ3jkkG8hXDSWSLUg5u1JmcKVdezf4Q7j58rqkA8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web15.ny1.dtscdn.com
cf-ray: 848b4ccb2a69287a-MIA
expires: Sun, 21 Jan 2024 00:04:59 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 9B99 33 KB
11 KB 68ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38469
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: 7U74snVUtXwZ-Fmv-XdiYjqOBXPTcDw0rLd2hJdfy69_Gk_Gv7w7qA==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 9B99 0
332 B 259ms
258ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=zona-bermain.com&_ss=1actuvzbj4&_pv=15&_ls=23&_cc=us&_pl=d&_b=chrome%40120&_cbid=36x5&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-japan%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-taiwan%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
x-t: 0.101
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyYA4q%2Fw6fAXg2xbyc6GhJnygglKAtrrVSOlZGe8pW25jSNkntyuybmZ1O5GFnBd0rdM8FsEfyZlD88jq4HXkQhru1SlF52U%2Fa1uG03QfoKnoU%2FcgL%2FqlQhowXhQ2888zXf%2BgK2CPy62nlw%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4ccb2d576dc2-MIA
expires: Sun, 21 Jan 2024 00:04:27 GMT

GET
H/1.1 200
OK 4763539.php Show response
s4.histats.com/stats/ Frame 4036 435 B
570 B 225ms
69ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:148105957&@b3:1705795468&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: d8a6e54eab1ed2e755b766031501397232bece4e068ce99e55778fa44b98e480

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:28 GMT
Connection: close
Content-Length: 435
Content-Type: text/html;charset=UTF-8

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame C4BD 0
142 B 113ms
113ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=54331&pu=https://zona-bermain.com/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 3C5E316952FC40998533C61E9F2B9487 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXTvt6RQSwCOzT9U1w==

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 1DCD 0
0 75ms
74ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=22612
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:28 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: iPI16g8DFLFDtM9_5EnTJJN346D1O1ZxD_8K4e3JNjDSf7fcbV7fgA==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 6776 43 B
748 B 69ms
66ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=49706

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:28 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 89E7 85 B
482 B 68ms
67ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134917
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: SnKQ1O3jVcmbivZJn0KBcjhhbZq-6-BwEjwiMUmbIlPvhelZbj3bBw==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 9B99 5 KB
2 KB 67ms
62ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2463
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: pAtGIt-YLjUpoIF2QImRrbLdcICxyRLMMHCic9Ccf0qunVnzougMfg==

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 36DE 0
72 B 70ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zona-bermain.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:28 GMT
content-length: 0
vary: Origin

GET
H3 200 style.min.css
zona-bermain.com/wp-includes/css/dist/block-library/ Frame 9759 107 KB
13 KB 263ms
259ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13607
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 cwp.css
zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/ Frame 9759 227 B
271 B 264ms
254ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=1.3

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:45 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 227
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 sidebar-login.css
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 9759 2 KB
374 B 266ms
256ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/sidebar-login.css?ver=1699375631

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 328
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 style.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 9759 28 KB
8 KB 266ms
256ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/style.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7810
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 responsive.css
zona-bermain.com/wp-content/themes/asteroid/ Frame 9759 3 KB
827 B 268ms
259ms Stylesheet
text/css 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/themes/asteroid/responsive.css?ver=1.2.9

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Mon, 13 Nov 2023 11:35:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 804
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 jquery.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 9759 86 KB
29 KB 269ms
260ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29744
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 jquery-migrate.min.js Show response
zona-bermain.com/wp-includes/js/jquery/ Frame 9759 13 KB
5 KB 289ms
281ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 09 Jun 2023 03:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4678
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ Frame 9759 157 KB
26 KB 42ms
34ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6370209
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26099
x-served-by: cache-fra-eddf8230071-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 9759 30 KB
7 KB 51ms
43ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625
age: 4465865
cdn-cachedat: 10/31/2023 18:49:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7facf301d23e7656c984df3815ba6e0a
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4ccd3b2e21d9-MIA
cdn-requestpullsuccess: True

GET
H3 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ Frame 9759 21 KB
8 KB 47ms
39ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4041593
x-jsd-version: 1.16.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7831
x-served-by: cache-fra-eddf8230124-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ Frame 9759 62 KB
16 KB 47ms
39ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.min.js

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zona-bermain.com/
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 21 Jan 2024 00:04:28 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4489658
x-jsd-version: 4.5.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16162
x-served-by: cache-fra-eddf8230066-FRA, cache-mia-kmia1760040-MIA
x-jsd-version-type: version
etag: W/"f708-DE6ERfbwyWEdwcE9xvCF60vKygs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 7.png
zona-bermain.com/script/ Frame 9759 24 KB
24 KB 287ms
279ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 288ms
280ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 259ms
258ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 256ms
256ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 257ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 275ms
270ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 9759 24 KB
24 KB 277ms
273ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 4.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 286ms
282ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/4.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25127
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 290ms
287ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 301ms
298ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H/1.1 200
OK 4612381&101.gif
s4is.histats.com/stats/i/ Frame 9759 43 B
182 B 197ms
66ms Image
image/gif 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4is.histats.com/stats/i/4612381&101.gif?4612381&101
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:28 GMT
Connection: close
ETag: -1036509640
Content-Length: 43
Content-Type: image/gif

GET
H3 200 comment-reply.min.js Show response
zona-bermain.com/wp-includes/js/ Frame 9759 3 KB
1 KB 304ms
302ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/comment-reply.min.js?ver=6.4.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Fri, 08 Apr 2022 17:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 wp-polyfill-inert.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9759 8 KB
2 KB 261ms
255ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 18 Jan 2023 08:46:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2320
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 regenerator-runtime.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9759 6 KB
2 KB 261ms
256ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2402
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 wp-polyfill.min.js Show response
zona-bermain.com/wp-includes/js/dist/vendor/ Frame 9759 112 KB
34 KB 262ms
257ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Wed, 08 Nov 2023 04:46:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34605
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 frontend.js Show response
zona-bermain.com/wp-content/plugins/sidebar-login/build/ Frame 9759 4 KB
2 KB 274ms
269ms Script
application/javascript 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL

https://zona-bermain.com/wp-content/plugins/sidebar-login/build/frontend.js?ver=39f7653913319f945fb39a83c9a25003

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: br
content-security-policy: frame-ancestors 'self' *
last-modified: Tue, 07 Nov 2023 16:47:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1524
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H2 200 cc_302.js Show response
s10.histats.com/counters/ Frame 4036 22 KB
12 KB 46ms
45ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_302.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 33311
etag: "500332889"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4ccd5d4dd9d5-MIA
content-length: 12201

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 4036 6 KB
3 KB 258ms
257ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/4763539.php?4763539&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2F&@q0&@r0&@s302&@ten-US&@u1600&@b1:148105957&@b3:1705795468&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3417c3980ab5a6bf90f967b5e905f14eda0c2278213fdef08cf8fb0cf88d1d92

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
x-t: 0.221
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V84P9ccank%2BLGjXfliU39JiDF%2F%2FZwljBqLAp2eC%2F08FU9KJ7MEokRPYTlXOjUKMZeKEOKleBD50ygDEebGIPXjtnDsMJzM9%2BggEhF0iL%2BUtG7QH%2BoO6uTbYfqds6nYQmrC1nnerhI9JwRL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 848b4ccd58066dc2-MIA
expires: Sun, 21 Jan 2024 00:04:27 GMT

GET
H2 204 sync
thrtle.com/ Frame 8410 0
473 B 68ms
58ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/generator-line-angka/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 5F0E 43 B
177 B 77ms
68ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:28 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 89E7 766 B
1 KB 68ms
60ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401273
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: a-xJM7VXbhZjARDI5JKVSx6Otu6V84Dn3_d1NrRCzODg8HZFrJvjEA==

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 9B99 167 B
581 B 68ms
66ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://zona-bermain.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame C4BD
Redirect Chain

https://um.simpli.fi/lj_match?r=61016
https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910

43 B
1 KB

70ms
69ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Jan 2024 00:04:28 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Sun, 21 Jan 2024 00:04:28 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=35C9E24B9EA14733BA7B5A9A63BB1910
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 20 Jan 2024 00:04:28 GMT

GET
H/1.1 200
OK 76929
i.liadm.com/s/ Frame 6014 43 B
748 B 64ms
61ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=29632

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:28 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 4036 0
415 B 86ms
85ms Script
application/javascript 2606:4700:20::681a:d3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01705795437671B15BDFA0C3AC9B3&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&r=https%3A%2F%2Fzona-bermain.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
x-t: 0.89
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZwHu3Xey%2BeZlCO%2Fovh%2BYAMq2MtR4KOM9XEj74ZaPf%2BwXfd87TLyFoX39tn2Ha7PERUMyR%2BEhTzovg4AeAeq1C9uKA2bI2Xu2lmMbr6xaxr6ROuBxBsRxF56bMP9UhjB2RB1heQ9LgpToQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web14.ny1.dtscdn.com
cf-ray: 848b4ccfba39287a-MIA
expires: Sat, 20 Jan 2024 21:44:18 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 4036 33 KB
11 KB 66ms
66ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 13:23:20 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 38469
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: G4bmvZXBRC7_3DnCz3ImCghxwH86mlw0i1H2xV4IfrIM6hY6htwEFw==

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 4036 0
285 B 256ms
256ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=kaptenoleng.com&_ss=3qzb7utbz4&_pv=15&_ls=22&_cc=us&_pl=d&_b=chrome%40120&_cbid=68qt&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fkaptenoleng.com%2Fpoltar.php&j=https%3A%2F%2Fzona-bermain.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
x-t: 0.104
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omlQlLviw5tNvz1Ozo1rprTdERYjFCntEs8wvyzEgLcGg1%2FxX1gRrN0vxzMx47JTKpFai8jHgD0izNPWFJT%2BumKMOPHSa2c8oR%2BjtV2bIRdGBZ%2BaSGi5t6%2Fu75HeYGcmeQirdHpy1bN852M%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 848b4ccfbb8d6dc2-MIA
expires: Sun, 21 Jan 2024 00:04:27 GMT

GET
H3 200 3.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 256ms
255ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/3.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 2.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 264ms
260ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/2.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25388
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 6.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 270ms
266ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/6.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25505
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 8.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 277ms
273ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/8.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25374
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 1.png
zona-bermain.com/script/ Frame 9759 24 KB
24 KB 289ms
285ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/1.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25024
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 5.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 292ms
288ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/5.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25302
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 0.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 298ms
294ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/0.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25549
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 9.png
zona-bermain.com/script/ Frame 9759 25 KB
25 KB 305ms
301ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/9.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25407
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H3 200 7.png
zona-bermain.com/script/ Frame 9759 24 KB
24 KB 311ms
309ms Image
image/png 172.96.191.134
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zona-bermain.com/script/7.png

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.96.191.134 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),

Reverse DNS

172.96.191.134-static.reverse.arandomserver.com

Software

LiteSpeed /

Resource Hash

0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/rekap-angka-ct/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-security-policy: frame-ancestors 'self' *
last-modified: Sat, 28 May 2022 15:24:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25038
expires: Sun, 28 Jan 2024 00:04:28 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 9759 11 KB
5 KB 46ms
43ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 39503
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cd029f7d9d5-MIA
content-length: 4547

GET
H3 200 poltar.php Show response
kaptenoleng.com/ Frame 42B3 10 KB
2 KB 284ms
282ms Document
text/html 85.187.128.38
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://kaptenoleng.com/poltar.php

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/rekap-angka-ct/

Protocol

Security

QUIC, , AES_128_GCM

Server

85.187.128.38 Singapore, Singapore, ASN55293 (A2HOSTING, US),

Reverse DNS

sg1-tr1.supercp.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL

Request headers

Referer: https://zona-bermain.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 00:04:28 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: ALLOWALL
x-powered-by: PHP/7.4.33

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 9759 75 KB
76 KB 39ms
39ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://zona-bermain.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 975
age: 52960
cdn-cachedat: 10/31/2023 18:55:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0169a029d86cd905494d0223eb6c0fce
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 848b4cd04f50497c-MIA
cdn-requestpullsuccess: True

GET

/
zona-bermain.com/live-sydney/ Frame 09C1
Redirect Chain

https://zona-bermain.com/live-sydney
https://zona-bermain.com/live-sydney/

0
0

GET
H3 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 87A3 0
0 70ms
69ms Document
text/plain 13.226.34.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=43953
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.226.34.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-62.ewr53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Sun, 21 Jan 2024 00:04:28 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 968753ca270b3abbf31cdfc00e23b162.cloudfront.net (CloudFront)
x-amz-cf-id: D55CxuEFCcOLhHb8XIQxjV0DrccHJRocM1R5nJT10JvS5Lwcfmkh2w==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 4036 5 KB
2 KB 63ms
61ms Script
text/javascript 108.139.29.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-87.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
date: Sat, 20 Jan 2024 23:23:26 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 2463
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: rTtEcbeI4sbuQEYLKz6yjxGyWGHIKGx6zzzBh8JSzAMDiNFJxsKDFw==

GET
H/1.1 200
OK 4612381.php Show response
s4.histats.com/stats/ Frame 9759 437 B
572 B 205ms
68ms Script
text/html 149.56.240.128
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4612381.php?4612381&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mREKAP%20ANGKA%20CT%20%E2%80%93%20ZONA%20BERMAIN&@n0&@ohttps%3A%2F%2Fzona-bermain.com%2Fpaito-warna-japan%2F&@q0&@r0&@s604&@ten-US&@u1600&@b1:-92417789&@b3:1705795469&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fzona-bermain.com%2Frekap-angka-ct%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534296.ip-149-56-240.net
Software: /
Resource Hash: f5487f82fbf666841454f849de133a2e4e95e2cb52e773b466cb2550f372b8ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:29 GMT
Connection: close
Content-Length: 437
Content-Type: text/html;charset=UTF-8

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ Frame 00AF 0
72 B 69ms
68ms Ping
text/plain 99.83.181.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0cb5afe0ce76779e.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kaptenoleng.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 Jan 2024 00:04:29 GMT
content-length: 0
vary: Origin

GET bbjs.js
bungaprediction.top/ Frame 42B3 0
0

GET
H/1.1 200
OK v2 Show response
ap.lijit.com/readerinfo/ Frame 4036 167 B
580 B 68ms
67ms Fetch
application/json 63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://kaptenoleng.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 177

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame C4BD 43 B
748 B 62ms
62ms Image
image/gif 107.21.138.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=70569

Requested by

Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.138.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-21-138-225.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kaptenoleng.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 00:04:29 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame F544 85 B
483 B 66ms
65ms Document
text/html 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://kaptenoleng.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 134918
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Fri, 19 Jan 2024 10:35:51 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
x-amz-cf-id: 4RS9DJwGsXy_3QO9532y0OmGAQlfjSUG6Z1ZGFz5LW-dcTeL3lYV-Q==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 6014 0
141 B 132ms
132ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=IBojjSZHx2VQz486REa1YP5c&rand=35002&pu=https://zona-bermain.com/kalender-togel/
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/paito-warna-taiwan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:29 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 64A6C9F1AF2E465D93505E6D9A7B1C22 Ref B: MIAEDGE1808 Ref C: 2024-01-21T00:04:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPaXUBdeYytjB2irYx5g==

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 9B99 43 B
177 B 70ms
69ms Script
image/gif 34.193.241.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.241.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-241-34.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 00:04:29 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET wp-emoji-release.min.js
zona-bermain.com/wp-includes/js/ Frame 9759 0
0

GET
H2 204 sync
thrtle.com/ Frame 6776 0
474 B 66ms
65ms Image
text/plain 54.85.120.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=IBojjSZHx2VQz486REa1YP5c
Requested by: Host: zona-bermain.com
URL: https://zona-bermain.com/kalender-togel/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.120.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-120-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:29 GMT
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame F544 766 B
1 KB 68ms
67ms Script
text/javascript 18.238.55.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-108.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Tue, 16 Jan 2024 12:50:51 GMT
via: 1.1 1466638cc0a1aa93138e5454e3ed52fa.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 401274
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: 6bIBzT0e4bcaFv5g81zXyUKKCHCsb18vvSZZaai1q-nfDUtG0YkE2A==

GET
H2 200 cc_604.js Show response
s10.histats.com/counters/ Frame 9759 13 KB
4 KB 45ms
44ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_604.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zona-bermain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 00:04:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
server: cloudflare
age: 40150
etag: "1135266286"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 848b4cd34f0bd9d5-MIA
content-length: 4509

GET /
e.dtscout.com/e/ Frame 9759 0
0

GET 76929
i.liadm.com/s/ Frame 5F0E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0

Domain: s.thebrighttag.com
URL: https://s.thebrighttag.com/csx?tp=1YJNAYe

Domain: s.thebrighttag.com
URL: https://s.thebrighttag.com/csx?tp=1YJNAYe

Domain: zona-bermain.com
URL: https://zona-bermain.com/live-sydney/

Domain: bungaprediction.top
URL: https://bungaprediction.top/bbjs.js

Domain: zona-bermain.com
URL: https://zona-bermain.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2

Domain: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fzona-bermain.com%2Frekap-angka-ct%2F&j=https%3A%2F%2Fzona-bermain.com%2Fpaito-warna-japan%2F

Domain: i.liadm.com
URL: https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=IBojjSZHx2VQz486REa1YP5c&rnd=28397

Verdicts & Comments Add Verdict or Comment

235 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

161 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
map.go.affec.tv/map/ttd	1969-12-31 23:59:59	Name: oo Value: 1
map.go.affec.tv/map/an	1969-12-31 23:59:59	Name: oo Value: 1
i6.liadm.com/s	1970-01-20 18:33:07	Name: _li_ss Value: CgA
i.liadm.com/s	1970-01-20 18:33:07	Name: _li_ss Value: CpUBCgUIChCDFwoGCN0BEIMXCgUIBhCDFwoFCAkQgxcKBgjhARCDFwoGCIEBEIMXCgUIDBCNFwoGCKIBEIMXCgkI_____wcQjRcKBQgLEIMXCgYIiwEQgxcKBgjjARCDFwoGCKQBEIMXCgYIswEQgxcKBgiJARCDFwoGCKUBEIMXCgYI0gEQgxcKBQh-EIMXCgYIiAEQgxc
sky.pasukanantidepo.shop/	1970-01-21 02:35:31	Name: HstCfa4660281 Value: 1705795436621
sky.pasukanantidepo.shop/	1970-01-21 02:35:31	Name: HstCla4660281 Value: 1705795436621
sky.pasukanantidepo.shop/	1970-01-21 02:35:31	Name: HstCmu4660281 Value: 1705795436621
sky.pasukanantidepo.shop/	1970-01-21 02:35:31	Name: HstPn4660281 Value: 1
sky.pasukanantidepo.shop/	1970-01-21 02:35:31	Name: HstPt4660281 Value: 1
sky.pasukanantidepo.shop/	1970-01-21 02:35:31	Name: HstCnv4660281 Value: 1
sky.pasukanantidepo.shop/	1970-01-21 02:35:31	Name: HstCns4660281 Value: 1
.dtscout.com/	1970-01-20 20:13:55	Name: df Value: 1705795437
.dtscout.com/	1970-01-20 19:56:38	Name: l Value: 51A01705795437671B15BDFA0C3AC9B3
.sharethis.com/	1970-01-21 02:36:57	Name: __stid Value: ZGgABWWsX20AAAAIA2FBAw==
.sharethis.com/	1970-01-21 02:36:57	Name: __stidv Value: 2
.tynt.com/	1970-01-21 02:35:31	Name: uid Value: CoIKR2WsX20CDhmSI60PAg==
.pasukanantidepo.shop/	1970-01-20 19:55:12	Name: __dtsu Value: 51A01705795437671B15BDFA0C3AC9B3
.tynt.com/	1970-01-20 19:59:31	Name: pids Value: %5B%7B%22p%22%3A%22fcb82aaae3%22%2C%22f%22%3A1%2C%22ts%22%3A1705795438046%7D%2C%7B%22p%22%3A%22607295b4a4%22%2C%22f%22%3A1%2C%22ts%22%3A1705795438046%7D%2C%7B%22p%22%3A%22b32ef6f991%22%2C%22f%22%3A1%2C%22ts%22%3A1705795438046%7D%2C%7B%22p%22%3A%22002f98d420%22%2C%22f%22%3A1%2C%22ts%22%3A1705795438046%7D%2C%7B%22p%22%3A%22d9fe068602%22%2C%22f%22%3A1%2C%22ts%22%3A1705795438046%7D%2C%7B%22p%22%3A%22e32a9fc66e%22%2C%22f%22%3A1%2C%22ts%22%3A1705795438046%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1705795438046%7D%5D
.dtscdn.com/	1970-01-20 22:07:41	Name: uid Value: 51A01705795437671B15BDFA0C3AC9B3
.tapad.com/	1970-01-20 19:16:19	Name: TapAd_TS Value: 1705795438336
.tapad.com/	1970-01-20 19:16:19	Name: TapAd_DID Value: 3f0e3619-356c-4f14-80e4-391e99eb1d58
.go.affec.tv/	1970-01-21 02:35:31	Name: ck Value: 65ac5f6e866d6f0001848480
.go.affec.tv/	1970-01-21 02:35:31	Name: oo Value: 1
.linkedin.com/	1970-01-20 19:59:31	Name: li_sugr Value: aa96b5c7-04c0-42e0-a9e5-b6a11f0edf61
.linkedin.com/	1970-01-21 02:35:31	Name: bcookie Value: "v=2&94e07117-da59-41f5-8b0d-08baa894fb26"
.linkedin.com/	1970-01-20 17:51:21	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2790:u=1:x=1:i=1705795438:t=1705881838:v=2:sig=AQFbqfIagfrN-ynONbdP8d8EWLqhSttI"
.33across.com/	1970-01-21 02:35:31	Name: 33x_ps Value: u%3D212429212096049%3As1%3D1705795438416%3Ats%3D1705795438416
.eyeota.net/	1970-01-21 02:36:57	Name: mako_uid Value: 18d2954c773-487e0000010a4732
.eyeota.net/	1970-01-20 17:49:56	Name: SERVERID Value: 18226~DM
.adnxs.com/	1970-01-20 19:59:31	Name: uuid2 Value: 2907085194688289057
.adsrvr.org/	1970-01-21 02:36:57	Name: TDID Value: fa46c0a5-b18e-4497-af0b-ad4dc5823d79
.onaudience.com/	1970-01-21 02:35:31	Name: cookie Value: b426b577e76f6dfa
.onaudience.com/	1970-01-20 17:51:21	Name: done_redirects219 Value: 1
.lijit.com/	1970-01-21 02:35:31	Name: ljt_reader Value: IBojjSZHx2VQz486REa1YP5c
.ml314.com/	1970-01-21 02:36:57	Name: pi Value: 3641495816933212221
.go.affec.tv/	1970-01-21 02:35:31	Name: pt Value: eyJhbiI6eyJkdCI6MTcwNTc5NTQzOCwiaWQiOiIyOTA3MDg1MTk0Njg4Mjg5MDU3IiwibHMiOjE3MDU3OTU0Mzh9LCJ0dCI6eyJkdCI6MTcwNTc5NTQzOCwiaWQiOiJDb0lLUjJXc1gyMENEaG1TSTYwUEFnPT0iLCJscyI6MTcwNTc5NTQzOH0sInRkIjp7ImR0IjoxNzA1Nzk1NDM5LCJpZCI6ImZhNDZjMGE1LWIxOGUtNDQ5Ny1hZjBiLWFkNGRjNTgyM2Q3OSIsImxzIjoxNzA1Nzk1NDM5fSwidiI6MH0=\|1705795439\|59058fa1650a24e90b35949b9c6ad51baa4c4f5c
.zeotap.com/	1970-01-21 02:35:31	Name: zc Value: 1ea13d09-573d-4e12-579b-a77ce727c548
.zeotap.com/	1970-01-20 17:51:21	Name: zsc Value: %B4%83%00S%BF%FB%C6E%C1%25%F5%FD%D6i%05%7B%5Cc%83v%5C%0A%DF%A0%ED%D3%97%A4%15%FDc%8C%11%07%92p%EC%A6%C6%7F%AC%C5%82%9D%40%3E%DDFb%14%80%5Bbe%D4%D8%AF%BE%B3%8A%3A%CC%A1%96%3Fv%EC%EAc%00%F2D%B3%A2c%C3%E1%B7%18%06%FC%98%13
.pippio.com/	1970-01-21 02:35:31	Name: did Value: HFLjULV7Z0WGCnOW
.pippio.com/	1970-01-21 02:35:31	Name: didts Value: 1705795439
.pippio.com/	1970-01-20 19:16:19	Name: nnls Value:
.pippio.com/	1970-01-20 19:16:19	Name: pxrc Value: CO++sa0GEgYIgr0rEAA=
.onaudience.com/	1970-01-20 17:51:21	Name: done_redirects109 Value: 1
.bluekai.com/	1970-01-20 22:09:07	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 22:12:00	Name: bku Value: 4tL99s24gsV9wPDf
.krxd.net/	1970-01-20 22:09:07	Name: _kuid_ Value: QDEUpO6t
.doubleclick.net/	1970-01-21 03:25:55	Name: IDE Value: AHWqTUklY3sfkWk59S44UqNfYDh6RVA0kyyr1iSrQLq6mFKq5vJDUAt9_9VRr0gpNa8
.onaudience.com/	1970-01-20 17:51:21	Name: done_redirects147 Value: 1
.onaudience.com/	1970-01-20 17:51:21	Name: done_redirects236 Value: 1
.intentiq.com/	1970-01-21 03:25:55	Name: IQver Value: 1.9
.liadm.com/	1970-01-21 03:25:55	Name: lidid Value: 8fa0be99-2128-4576-ba8e-19bd665ac5d9
.rezync.com/	1970-01-21 03:11:31	Name: zync-uuid Value: 4f775705-db8e-4490-97cd-6380b73a6a7a:1705795441.637368
.rfihub.com/	1970-01-21 03:11:31	Name: eud Value: H4sIAAAAAAAA_1XKuQ2AQAwF0QqItg4jr3x8m272gIIICakUMkQ4T3MW1wMwsNHssZNqMiXGJJfgDmne0Lb6DkhTrasLxOMqy2cRev_bHly4xCFZAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrQwNDYwNTA3srAwMDKysDQ1MBbiM9QNtSjMMi1x9Eky9XABALmu_1AlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_w3KwRGAMAgEwI_t4JDh4MBuSKKFWLnue98j8JBOddkzbwFKpbi2hKVOWkezr_EHlgPjDKNFfkfaWxY5AAAA
.rfihub.com/	1970-01-21 03:11:31	Name: rud Value: H4sIAAAAAAAA_-MSNrQwNDYwNTA3srAwMDKysDQ1MBbiM9QNtSjMMi1x9Eky9XABALmu_1AlAAAA
.simpli.fi/	1970-01-21 02:36:57	Name: suid Value: 35C9E24B9EA14733BA7B5A9A63BB1910
live.rezync.com/	1970-01-21 03:11:31	Name: sd-session-id Value: .eJwNykEOgyAQAMC_7FmahQV24TMGhSaklTailxr_Xo6TzAXzt-xbaqUdEI_9LBOs7zrUIV7Q628rL4igRRM6ZCOCxkhwSHBP0Evv9dPmmsexT2bH6FRepChrA6rAa1aeBBem5BOnqEfg4KzVD09MXuD-A3m1JRg.Zaxfcg.MWGSWwRuB8LIEcNhZYkJUcUr4M0
.lijit.com/	1970-01-21 02:35:31	Name: _ljtrtb_2 Value: 35C9E24B9EA14733BA7B5A9A63BB1910
.dtscout.com/	1970-01-20 17:50:00	Name: m Value: 5
.dtscout.com/	1970-01-20 17:50:09	Name: oa Value: 5
.turn.com/	1970-01-20 22:09:07	Name: uid Value: 7169882469513063975
.crwdcntrl.net/	1970-01-21 00:18:43	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-21 00:18:43	Name: _cc_id Value: ab64fa0e90b9b1997c07960e3f815611
.lijit.com/	1970-01-21 02:35:31	Name: _ljtrtb_5001 Value: ab64fa0e90b9b1997c07960e3f815611
.addthis.com/	1970-01-21 03:20:09	Name: na_id Value: 2024012100040300079447566945
.addthis.com/	1970-01-21 03:20:09	Name: na_tc Value: Y
.addthis.com/	1970-01-21 03:20:09	Name: uid Value: 65ac5f7310819709
.addthis.com/	1970-01-21 03:20:09	Name: ouid Value: 65ac5f7300016330dfa136d9c33b831b9ebfa3fa26a53d059025
.dlx.addthis.com/	1970-01-20 18:33:07	Name: na_sc_x Value: 2
.everesttech.net/	1970-01-21 02:35:31	Name: everest_g_v2 Value: g_surferid~ZaxfdAAQBIdxCQBH
.yahoo.com/	1970-01-21 02:35:53	Name: A3 Value: d=AQABBHRfrGUCENUM4l-4kp98bKm90AsnkboFEgEBAQGwrWW2ZdxH0iMA_eMAAA&S=AQAAAqsXfRjHAcl3vVrrc1V1q3U
.adentifi.com/	1969-12-31 23:59:59	Name: adtheorent[cuid] Value: cuid_972b5ea1-b7f0-11ee-a7af-125335d52042
.lijit.com/	1970-01-21 02:35:31	Name: ljtrtb Value: eJwNyrERgDAIBdBdqC1AAvjtgpdBEi9ZwnN3ffV7aKeT1C60vSRalRKqWSOtorpmCoRpI2OWf%2FbhZXWe4IEhQNwccJ66DjEXofcDBnYTPQ%3D%3D
.bidswitch.net/	1970-01-21 02:35:31	Name: tuuid Value: 6b5464a1-2869-4888-acd3-3d2426159c4f
.bidswitch.net/	1970-01-21 02:35:31	Name: c Value: 1705795445
.bidswitch.net/	1970-01-21 02:35:31	Name: tuuid_lu Value: 1705795445
.quantserve.com/	1970-01-20 19:59:31	Name: d Value: EDgBDQH6Kv7KwQA
.quantserve.com/	1970-01-21 03:20:09	Name: mc Value: 65ac5f75-bd02c-3ff11-d9971
.demdex.net/	1970-01-20 22:09:07	Name: demdex Value: 64917888334711539793672568481142206626
.dpm.demdex.net/	1970-01-20 22:09:07	Name: dpm Value: 64917888334711539793672568481142206626
.crwdcntrl.net/	1970-01-21 00:18:43	Name: _cc_cc Value: "ACZ4XmNQSEwyM0lLNEi1NEiyTDK0tDRPNjC3NDNINU6zMDQ1MzRkAILUNfHlD%2F%2F%2F%2F88P4oAB7%2FXDrUbMf9wY%2FjMy7tECkR9lQSTDvQ%2BW2ITPHT3EjE3858YpLNjEL516xIZNfPe%2BywLYxD803McqfnjxHKzm3137lBubOe%2BWYFff8F8Tm%2FKFMw4wYRP%2F16WFTRgAtJZ7rA%3D%3D"
.crwdcntrl.net/	1970-01-21 00:18:43	Name: _cc_aud Value: "ABR4XmNgYGBIXRNfDqQggIuBgWsGiMnUNx0ssqgVRDI%2BrAdTWrNAFJ%2B7A4Q3G0QxRZwH86b%2FBVH8OvuBJAD%2Begwb"
.zemanta.com/	1970-01-21 02:35:31	Name: zuid Value: 1Bu4xf2XPXxbxgMBfx1h
.mathtag.com/	1970-01-21 03:15:50	Name: uuid Value: 6e6865ac-5f78-4c00-be58-7a4a6eac6487
.mgid.com/	1970-01-21 02:35:31	Name: muidn Value: o0k7pMEciC4g
.mgid.com/	1970-01-20 17:49:57	Name: __cf_bm Value: 8zsxhsR63TRBd_oTsbN10eJoL0UNm2BUqIWOC__dgXI-1705795447-1-ARUiI/dUVBtasAGZZWC/U5wkDZKkQZcxkCk/TVn0g2rNS/0gr8h5aGlzPGHjmPK4OIIZMH1OTzZuy9dExeq/DcQ=
.truoptik.com/	1970-01-21 02:35:31	Name: to_master_s Value: ac03efbe7dcc36e3406ab8835edc0195
.truoptik.com/	1970-01-21 02:35:31	Name: to_version_s Value: b2
.pubmatic.com/	1970-01-20 17:51:21	Name: KTPCACOOKIE Value: YES
cm.mgid.com/	1970-01-20 18:33:07	Name: mg_sync Value: {}
.tapad.com/	1970-01-20 19:16:19	Name: TapAd_3WAY_SYNCS Value: 1!504-2!504
.agkn.com/	1970-01-21 02:35:31	Name: ab Value: 0001%3A3tAscqTxmkrI%2F36su%2BDfcW0L8Jm6JC87
.mediawallahscript.com/	1970-01-21 03:25:55	Name: mCookie Value: 98c73450-b7f0-11ee-935c-cb27d312f951
.mediawallahscript.com/	1970-01-21 03:25:55	Name: mUserCookie Value: %7B%7D
.rkdms.com/	1970-01-21 02:35:31	Name: sc Value: 13%3A114432
.rkdms.com/	1970-01-21 02:35:31	Name: sessionid Value: h-64a46fbb83ad4469ae1ee79e792db410_t-1705795447
.shareaholic.com/	1970-01-21 03:25:55	Name: c_id Value: 4a04df44-9265-4066-9330-e9bc96d5657e
.pubmatic.com/	1970-01-21 02:35:31	Name: KADUSERCOOKIE Value: A0E219F0-02B3-4137-B8CA-48C3BF25EB31
.adform.net/	1970-01-20 18:34:33	Name: C Value: 1
.sitescout.com/	1970-01-21 02:35:31	Name: ssi Value: 49c0b9de-e1d3-49be-9005-72cadc6c3c81#1705795447875
.pro-market.net/	1970-01-20 18:33:07	Name: anHistory Value: "1m3b2jb37hl47+2+!#72-!7#%nP"
sync.srv.stackadapt.com/	1970-01-21 02:35:31	Name: sa-user-id Value: s%3A0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d.vfmTdBhjoibbIaoGEGkKpq8PD1sqL%2BBhPsAWpYQwFBo
.srv.stackadapt.com/	1970-01-21 02:35:31	Name: sa-user-id Value: s%3A0-aafc3a0b-9e29-5b97-53d1-4ca8ee376e7d.vfmTdBhjoibbIaoGEGkKpq8PD1sqL%2BBhPsAWpYQwFBo
sync.srv.stackadapt.com/	1970-01-21 02:35:31	Name: sa-user-id-v2 Value: s%3Aqvw6C54pW5dT0Uyo7jdufSaEdkc.OzlUPUcSFwqwcpr%2FKOi1fkCX%2FbLx3ZSrf4UhHUPzK6M
.srv.stackadapt.com/	1970-01-21 02:35:31	Name: sa-user-id-v2 Value: s%3Aqvw6C54pW5dT0Uyo7jdufSaEdkc.OzlUPUcSFwqwcpr%2FKOi1fkCX%2FbLx3ZSrf4UhHUPzK6M
sync.srv.stackadapt.com/	1970-01-21 02:35:31	Name: sa-user-id-v3 Value: s%3AAQAKIHi_SZfaYOMTxebfDRtXV1JlqYhHWvDiqUlKBO8A0wlXEHwYBCD3vrGtBjABOgQ7vvenQgRLhom-.sys8nNQSyjKpMpsfGW47%2BuzqvrSfh%2FeerqQCd1rBaG0
.srv.stackadapt.com/	1970-01-21 02:35:31	Name: sa-user-id-v3 Value: s%3AAQAKIHi_SZfaYOMTxebfDRtXV1JlqYhHWvDiqUlKBO8A0wlXEHwYBCD3vrGtBjABOgQ7vvenQgRLhom-.sys8nNQSyjKpMpsfGW47%2BuzqvrSfh%2FeerqQCd1rBaG0
.ipredictive.com/	1970-01-21 02:35:31	Name: cu Value: b1c31223-06f0-43a1-9eea-2c3680072dd5\|1705795447871
.amazon-adsystem.com/	1970-01-20 23:55:41	Name: ad-id Value: A2xcf2wvp0EKv7_y4wd9REM
.amazon-adsystem.com/	1970-01-21 03:25:55	Name: ad-privacy Value: 0
.smartadserver.com/	1970-01-21 02:36:57	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 02:36:57	Name: pbw Value: %24b%3d16999%3b%24o%3d11100
.adform.net/	1970-01-20 19:16:19	Name: uid Value: 5570425638240000285
.smartadserver.com/	1970-01-21 02:36:57	Name: pid Value: 8344721603808634035
.rubiconproject.com/	1970-01-21 02:35:31	Name: khaos Value: LRMQKFCP-M-EFK1
.rubiconproject.com/	1970-01-21 02:35:31	Name: audit Value: 1\|QGKnFELzHHMnmz9KmCLof4psnKjrAWD2lbGcwG+YXyg8fCYmOTvXg5FkLKY2okxbcEJBKrA91nFCbuL7wqM7W80qs7nZ3hbKs2Qhd25jAP1bnlmp3xAMYmcGIdUNptHMhYXdJvyRRqw6la8EbO2o1X2NFdeBSG8DIMI8Z44gR8I=
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: g5titv2dttqlzby1t4couvbe
.pro-market.net/	1970-01-20 22:09:07	Name: anProfile Value: "1m3b2jb37hl47+1+4=2m2+1f=1+1g=1+1j=57:1+rs=s+rt=200105501D0500010000000000000008+s0=(k)+s2=(s7l46v)+vm=19-ab64fa0e90b9b1997c07960e3f815611:53-CAESEHAlbfQ_QkcbxBwQRToPamI"
.postrelease.com/	1970-01-21 02:35:31	Name: visitor Value: 66f09bc1-42b4-43b1-b8b5-76e48d490be3
.postrelease.com/	1970-01-21 02:35:31	Name: status Value: 1
.clickagy.com/	1970-01-21 03:25:55	Name: cb Value: ZaxfeEVKSrjcZqDV_b_SZQN1
.id5-sync.com/	1970-01-20 19:59:31	Name: id5 Value: 9166912b-dd1d-77d8-a328-316a93379f1b#1705795448004#2
.onaudience.com/	1970-01-20 17:51:21	Name: done_redirects252 Value: 1
.rlcdn.com/	1970-01-21 02:35:31	Name: rlas3 Value: 4jX1leNKjrJbyA+BoKnwB48JWkrzxKYFmiiFaTmfQUQ=
.rlcdn.com/	1970-01-20 19:16:19	Name: pxrc Value: CO6+sa0GEgUI6AcQABIFCOhHEAASBQjbThAAEgYI/+oBEAo=
pool.admedo.com/	1970-01-21 02:35:31	Name: tuuid Value: d5fe2fd0-f00b-4636-a65d-dd80f91f0fc9
pool.admedo.com/	1970-01-21 02:35:31	Name: c Value: 1705795448
pool.admedo.com/	1970-01-21 02:35:31	Name: tuuid_lu Value: 1705795448
.c.cintnetworks.com/	1970-01-20 17:49:59	Name: TiPMix Value: 21.20813101851108
.c.cintnetworks.com/	1970-01-20 17:49:59	Name: x-ms-routing-name Value: self
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: oy2cdic1dbjltxdsg2yyb0si
.ib.mookie1.com/	1970-01-21 02:36:57	Name: ibkukiuno Value: s=35b86ceb-74fd-4281-a368-938b0c58bcca&h=&v=0&l=-8584958114371250764&op=&hl=0&vlu=0&tcs=1&dcc=-8584958114371250764
.ib.mookie1.com/	1970-01-21 02:36:57	Name: ibkukinet Value: 646215239=-8584958114371250764
.bidr.io/	1970-01-21 03:18:25	Name: bito Value: AAFEr07LWL8AABJZFwI98A
.bidr.io/	1970-01-21 03:18:25	Name: bitoIsSecure Value: ok
.rqtrk.eu/	1970-01-21 02:35:31	Name: browser_id Value: 567b8665-1f46-4481-b3fa-010aad7783dc
.bidr.io/	1970-01-20 17:49:56	Name: checkForPermission Value: ok
.openx.net/	1970-01-21 02:35:31	Name: i Value: 5f4a11d5-43a6-48db-b591-72b4a8ff3f93\|1705795448
.mediawallahscript.com/	1970-01-20 17:51:21	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_01_2024 Value: %7B%221pVtae%22%3A1%7D
.onaudience.com/	1970-01-20 17:51:21	Name: done_redirects104 Value: 1
.aidata.io/	1970-01-21 03:25:55	Name: __upin Value: GV62lj1OwAg5YiOwK8opiw
.aidata.io/	1970-01-21 03:25:55	Name: __upints Value: 1705795448
aorta.clickagy.com/	1970-01-21 03:25:55	Name: chs Value: [{"ch":"120","t":"2024-01-21 00:04:08"},{"ch":"114","t":"2024-01-21 00:04:08"},{"ch":"4","t":"2024-01-21 00:04:08"}]
.onaudience.com/	1970-01-20 17:51:21	Name: done_redirects282 Value: 1
.id5-sync.com/	1970-01-20 19:59:31	Name: 3pi Value: 224#1705795449220#-2101699585#7169882469513063975\|321#1705795449587#-13742124\|2#1705795448641#1378013768#2907085194688289057\|322#1705795449817#-1027644155\|19#1705795448169#-955399394#ab64fa0e90b9b1997c07960e3f815611\|264#1705795448420#-1504176517#fa46c0a5-b18e-4497-af0b-ad4dc5823d79\|136#1705795448985#-1871906799\|121#1705795449817#-1330760660
.reson8.com/	1970-01-21 02:36:57	Name: RCID2 Value: 51F3056B8EF2114EAF42108B90F46397
.adsrvr.org/	1970-01-21 02:36:57	Name: TDCPM Value: CAESFgoHYmx1ZWthaRILCPyfhYbQh808EAUSGQoKbGl2ZWludGVudBILCICquKTQh808EAUYASABKAIyCwjepema54fNPBAFOAFaB2JyZ2V1MjNgAg..
.dtscout.com/	1970-01-20 17:49:59	Name: st Value: 13
.t.sharethis.com/	1970-01-20 18:10:05	Name: pxcelPage_default_c010_C Value: 15_0_1705795438733
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 102
.analytics.yahoo.com/	1970-01-21 02:35:31	Name: IDSYNC Value: "19cl~2gao:19bk~2gao:199z~2gao:19bn~2gao:19ab~2gao"
.sitescout.com/	1970-01-20 18:33:07	Name: _ssuma Value: eyI1OCI6MTcwNTc5NTQ1MjIxOSwiNDkiOjE3MDU3OTU0NDg1OTIsIjciOjE3MDU3OTU0NDc5NDZ9
.exelator.com/	1970-01-20 20:42:43	Name: EE Value: "561b135810ef8614dae49e16cd8ed3c1"
.exelator.com/	1970-01-20 20:42:43	Name: ud Value: "eJxrXxzq6XKLQcHUzDDJ0NjUwtAgNc3CzNAkJTHVxDLV0Cw5xSI1xTjZcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6otDgxUUpaQyLSopPBR%252BbshoAmy8qtA%253D%253D"
.tribalfusion.com/	1970-01-20 19:59:31	Name: ANON_ID Value: a3nsmAM0ing9PBmSTEpS9BZbVdghZaY8cHgBtr490gnCRWYWjYgfYGmd4Y5NhZaZbBYFu0jcbJwZbenFR
.w55c.net/	1970-01-21 03:21:36	Name: wfivefivec Value: v21ecxEE1RrljV5
.w55c.net/	1970-01-20 18:33:07	Name: matchthrotle Value: 5
.adnxs.com/	1970-01-21 03:25:55	Name: XANDR_PANID Value: K3C8oAmwdYhEzUHEO6DqiQsbOI5sA_QQOXJiKysixIWRv0i8Cb_BVj_0U7cFY84T8RL5zvfG7VYzJcLlVhPBhdzcDgYsRcCQhNPEOL7y1UM.
.thrtle.com/	1970-01-20 22:37:55	Name: sc Value: eyJpIjoiN2RiNGUxZmYtMjliMy00NjU4LTkzZWMtYTU0YWMwZTZjZDQ4Iiwic2lkIjoic2lkLTlmNTAyNGJmLWI3ZjAtMTFlZS04ZmIyLTAyNDIwYWZmMDAwZCIsIm1zIjoxLCJwcyI6MTUsInNwIjo1MDMyLCJwcCI6MTUsInRzZSI6MTUsImx0c2UiOjE3MDU3OTU0NTg2NTV9
.thrtle.com/	1970-01-20 22:37:55	Name: mc Value: eyJpZCI6IjdkYjRlMWZmLTI5YjMtNDY1OC05M2VjLWE1NGFjMGU2Y2Q0OCIsImwiOjE3MDU3OTU0NjUxODAsInQiOjM4fQ==

44 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://momen.tm/ZdO9uN Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://sky.pasukanantidepo.shop/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://king.laskar2d.xyz/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://bolo.treksantuy.xyz/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://rtx.dudasoleh.lol/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://markas-prediktor.info/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://raja.hoki2d.xyz/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/prediksi-cambodia/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
network	error	URL: https://sync.search.spotxchange.com/audience_sync/7?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16299%26tp%3DSPXC%26tpid%3D%24SPOTX_AUDIENCE_ID%26gdpr%3D0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/paito-warna-china/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/prediksi-japan/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
network	error	URL: https://zona-bermain.com/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://zona-bermain.com/prediksi-taiwan/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/generate-bbfs/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/live-china/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
network	error	URL: https://s.thebrighttag.com/csx?tp=1YJNAYe Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://s.thebrighttag.com/csx?tp=1YJNAYe Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/live-sydney/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://w1.bungaprediction.com/livechina.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://w1.bungaprediction.com/livesydney.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/jalur-shio/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
network	error	URL: https://zona-bermain.com/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://zona-bermain.com/paito-warna-hongkong/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
network	error	URL: https://zona-bermain.com/js/jquery-1.10.2.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://zona-bermain.com/generate-bbfs/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/generator-line-angka/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/kalender-togel/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/paito-warna-taiwan/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://kaptenoleng.com/poltar.php Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.
security	error	URL: https://zona-bermain.com/paito-warna-japan/ Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=IBojjSZHx2VQz486REa1YP5c' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
a.dtssrv.com
a.tribalfusion.com
aa.agkn.com
ajax.googleapis.com
antoboomerblog.files.wordpress.com
aorta.clickagy.com
ap.lijit.com
api.intentiq.com
audex.userreport.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
blogger.googleusercontent.com
bolo.treksantuy.xyz
bungaprediction.top
c.cintnetworks.com
c1.adform.net
cdn.jsdelivr.net
cdn.tynt.com
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cms.quantserve.com
code.jquery.com
connect-metrics-collector.s-onetag.com
d.turn.com
data-beacons.s-onetag.com
de.tynt.com
dis.criteo.com
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
dtsedge.com
e.dtscout.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
global.ib-ibi.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ib.mookie1.com
ic.tynt.com
id5-sync.com
idsync.reson8.com
idsync.rlcdn.com
image6.pubmatic.com
jadserve.postrelease.com
kaptenoleng.com
king.laskar2d.xyz
live.rezync.com
loadm.exelator.com
loadus.exelator.com
m2.treksantuy.xyz
map.go.affec.tv
markas-prediktor.info
match.adsrvr.org
match.prod.bidr.io
maxcdn.bootstrapcdn.com
mid.rkdms.com
ml314.com
momen.tm
mwzeom.zeotap.com
nlsn.thrtle.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onetag-geo.s-onetag.com
opesia.vip
p.rfihub.com
partner.mediawallahscript.com
pbid.pro-market.net
pd.sharethis.com
pippio.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.shareaholic.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
ps.eyeota.net
px.ads.linkedin.com
raja.hoki2d.xyz
rankcrack.com
rtb.adentifi.com
rtd-tm.everesttech.net
rtx.dudasoleh.lol
s.amazon-adsystem.com
s.thebrighttag.com
s.tribalfusion.com
s.w.org
s10.histats.com
s4.histats.com
s4is.histats.com
secure.adnxs.com
sky.pasukanantidepo.shop
spl.zeotap.com
stags.bluekai.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.sharethis.com
sync.smartadserver.com
sync.srv.stackadapt.com
synchroscript.deliveryengine.adswizz.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
thrtl.redinuid.imrworldwide.com
thrtle.com
token.rubiconproject.com
track2.securedvisit.com
trc.taboola.com
treksantuy.asia
treksantuy.tech
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
w1.bungaprediction.com
wget.angkapaito.net
widget.angkapaito.net
ws.rqtrk.eu
wt.rqtrk.eu
x.bidswitch.net
x.dlx.addthis.com
x01.aidata.io
zona-bermain.com
bungaprediction.top
e.dtscout.com
i.liadm.com
s.thebrighttag.com
sync.search.spotxchange.com
zona-bermain.com
104.126.112.185
104.17.218.204
104.18.20.134
107.178.254.65
107.21.138.225
107.23.44.245
108.138.128.46
108.139.29.87
13.225.214.84
13.225.63.4
13.226.34.16
13.226.34.62
141.94.171.216
141.95.98.65
142.251.32.98
149.56.240.127
149.56.240.128
151.101.2.49
172.64.153.173
172.96.191.134
18.116.4.103
18.173.132.31
18.206.31.226
18.224.111.247
18.238.55.108
18.238.55.69
185.167.164.39
192.0.72.23
192.0.77.48
199.38.167.130
2.19.130.8
207.198.113.86
216.200.232.253
216.22.16.57
23.44.203.90
2600:1901:0:8eee::
2600:1f18:ed:550a:ac77:9c63:d66e:ebeb
2606:4700:10::6814:5063
2606:4700:10::6816:3362
2606:4700:1::6813:854c
2606:4700:20::681a:d3c
2606:4700:21::8d65:780b
2606:4700:3030::ac43:a16f
2606:4700:3031::6815:6083
2606:4700:3031::ac43:b058
2606:4700:3032::ac43:d74f
2606:4700:3033::6815:51c
2606:4700:3033::6815:e31
2606:4700:3033::ac43:c223
2606:4700:3034::ac43:9ed3
2606:4700:3035::6815:5055
2606:4700:3036::6815:5f47
2606:4700:3036::ac43:84f6
2606:4700:3036::ac43:a392
2606:4700:3037::ac43:b044
2606:4700::6812:18ad
2606:4700::6812:bcf
2607:f8b0:4006:807::2001
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81f::200a
2620:112:f002:bbbb::23
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2a04:4e42:200::300
2a04:4e42:200::649
2a04:4e42:600::485
3.209.115.69
3.213.62.40
3.222.158.117
3.229.214.218
34.111.113.62
34.117.77.79
34.193.241.34
34.199.184.22
34.200.65.202
34.202.221.70
34.234.61.205
34.235.90.44
34.98.64.218
35.210.53.219
35.211.178.172
35.236.220.17
35.244.154.8
35.71.131.137
40.71.11.141
50.16.174.192
50.16.197.56
51.222.241.106
52.21.33.16
52.46.128.147
54.157.70.26
54.164.227.162
54.165.113.212
54.172.238.66
54.204.112.220
54.85.120.53
54.92.184.169
63.251.86.50
63.251.86.51
64.58.232.176
64.74.236.255
67.202.105.21
67.202.105.24
67.202.105.32
68.67.179.153
69.169.85.7
69.173.151.100
74.119.119.150
8.28.7.81
85.187.128.38
89.108.119.43
99.83.181.31
00354e01e1c8d2b9d65adf5bcf4817f3f383194b38ea4b6541b28e2eda0b7d95
004b235c650234e4792b9c09782e766ddf5e7d7e4fa4c0a0fbc17f6458fa49e6
01b6b65c35701f5ef935db0bb1b78b61f26b0b2bace232c1d340949b032daf76
01c528353cc02874658eee5ac334cf854f0122393d1c29c416dffac82aa86ddb
045eab8b5112ec3f5ea5aaee26f98fae232ccd3cd5e2d07ef75b45375b085604
04a3d1e42bc1dc4e5275763df433d5fb32777368a1efabdb654b55a35102c7f7
06710711e7517c22412aa923d472e9cce857b02605e4c0049cdc7edb666a132c
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
08899787e20cfa2d433cbdb660ba1ecdf431044511a2c1cb1ccddeda853130cd
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09afc5355151bd39d2a740f8871cca1fe79addad01529212a73c816136e548c3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b77c5afb50d41a2b595952704a156262b2ee718b2d7f7c5a57098bccb999c76
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbb9035fbe7e090380c129371a7aaf18ac887fcb030047cd2363198c5836580
0c6a0b7cfcab1c08c8f99861136ed18bb224f13ae8506174dc0a7b892b6dfa2d
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0f1e4f7008ccffa6948dbcc9eb98f7356a0f3e7bbf0d87a77289820eaa8027e7
10086e559bd8f881bfe5ae8ce580dce3e90077ac65ef4dc9a9af9b3ba2afb3ce
1036bb6ff82c07dba47bb98631af0c398a77c0e49ab3a27d958946336c4d5868
11767e2677e127953439c215e06fd9a229dea6affa64d2fd37b67898d7ab7363
12332e20f7248d86b09484f91fb5f0d559e8be666af936a6083c60c570af6401
1381418b1f1f64506dd2a5df168d83b148facfc6a2143a24c8969712bfb9b6e3
13f9dca5894a908d2bedb686143ea27151bb6e0ddb5b47938fb0a9ca30947d9e
194e14a5ee445eff16bf25a7bd34425ccb733ba98acb573d39804bb57748d797
19c6974a19fac60662e0b993d514b287d1ae991abbfad99d6cee5fee7d2a0d1f
19f1c7426b80f7645ee2665683d160a64d5ae115b427112473021d04c2fad3b1
1a122fc5a5f1634ca193e2ca54e24e8a5fa3923815299dd65f1503176eb6919d
1a781450129f4a3dbafcfe62558de75c582c35f1a3f44a6a3603d30175b7b0bf
1aa107e1e77aa0258a32c782575d12d42e91aa392d3c73af25f90ef9ca4d0dd1
1b69e22ea0895d5e852bf5422adfec15e595ef64b3d468c0740b86ab65b1e7be
1c1192232e4efa5b830ac6bf61c5e57575c5135e40185aea78a2b0354e0323fc
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1ddc73e82f33d36d98cf976674cc0cdde63bbaf61a6338ae7ff0739a4c81dac5
1fd5746d2787bac24796cb89d2a7171889ff7f12fc7bbc115f8eb6ce77759329
217bcf44778fff8fe41a593c79e0c86edd524460f7618f12e132566d17fd5b4c
219ea13c5b799ae4cc99cb6f7a00f855e51094dd5e1fb2c4b77510406d74e052
2388f1b8ef95668322254f1ae8523c148beceddccd6e239bd683281835e1180b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689ac2a7453661922762dcd23b84bda4ef74a05c9c3740f817f411af2f6084c
2886e0696f0258ed37ece82a981cc229d024ca5abe47012923a298b60aa8d999
28dbb8fadd06f596bb80ad03c70f1c80f2b16a9fd0b2ad17414335a16b525cd7
28eb771c52635f262d150e0b54111a13ac1cd929187b8697600bc6483b4f1c6c
2a436a8f1d3c3d64e101ccccaf015da14ed19efaa8a4a2b6a45ed6bed6ac92a8
2a985beadac8b7f43837b157e4c219376f272f59ba48584b069f5b4676c53a45
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2bf5907894a70b877089c24817fcc65db655cfed28840aa16c8f3810cd412620
2dc8491b13b441cd320da82308ef30093ff25f10727460114c7e841d067504a3
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e3778a72114f13a5b18b9d25df758bfbf0d55bf442ba5c9007b96593d959b90
2ef8819c623f045339c8a2ffe8b442801765e1245b634c5bc8246b4fbd67a395
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
303e9dd043074c40fcb0cfff2f45edc1e217faf0ce1c352b9d31c80c8f19215d
31fbef2d8aa8eb899334230f74c59be161cb7a3fef953d60d698855548e7c825
324ed77cf68cfecc3f1d168b74dd430ff4b9375b4ad7e7b3396e8ae3eefb5064
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3417c3980ab5a6bf90f967b5e905f14eda0c2278213fdef08cf8fb0cf88d1d92
3485295530761106ba56255187cc1f9a7f7cddb3b54eb1030dbd0c415b76afbc
384cc79b43ec01445fe2a68943ad8da7ef81dfc68bf6457c6c8aa08384b2133a
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
3c6d44c2474c9e2fe9218a7339fd0ae97de0a3a2cabeb6b09ee1d6bada06590d
3d238a8cb53d07fbd67edb82e84f4e521be981e8860166541be0371be759ee59
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3e49e4694bdf447f098cd8e6b36f9cab8c2c5bbe417569800c2a1594653d9b2b
3e6701810a770c2cdb7710c43056f6c2422cf8c30653dd1ab209bcff5a4548e0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fb574ba0087738e2662388a3f51043e2d9010322bc48390a0a34e1ce588fcac
4111d0de448c0dbbb0dc170a0e580da1029ac1fe68de77d330b41ba1cbc4d0c2
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
42e792c4264f30663f715f0019025df6c67066e834c8c36298e9a96fdc8cd038
44e191b3623a90ff15061113e532626f71d71b2833293015d777393da86a630c
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45fa7054f05ab3b5e09ae700719660587e59dc927513afe0c02eca9f813b5e30
478aa38504fb3b61cb2d3e563aa61ca6370e3cc3e951a5002e0d855b0094d628
47a9cd3b880a1d83a59a9df77f8676c1ff4999f2cf4aa76914a7eaabd26ef83f
4d5a255dc0684d673df1af5b7336b70a7903d63a10c245f33ca98e7b3d30558e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e66a629caa876327e13393ac8dad186482bfc4618a919ab5999102bf6ce8c45
4e964e6cf0da19b81fe708d13bd581b653816c31b4d4939f511996fb8aa30d6d
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fe7fde764319b56dc9237348bbcec480c9bc3c29a737d42de0e8062cf2e2013
4ff46e17b9516b26fe15a008eb811379743f70a0dc4e0d205ca3492c6db6112f
514297e1bb55a9f1109a9dd4962e2a4b5e2cbaf6784f19e81d522f76828a569c
51657894d582014e07c19a90007b911b5778078a5838eb727f3656fa438be887
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
574c654adc51059882c66279ee0d42eb585735d5a2bc8cb010f1e91eb04e483f
5759df7d0a6416c5942bf98dc8de853d7caafc1883eac27a412a7f3e882741a6
58627f33bcb7b5ed28675fa89d0a45aa0107bfcbec0b17bd3ffb5ac99b763943
58b0f31c6e17f9dee0063375557d9446636f450ec9587903c0f26d9459d714a3
5978a5462f0cabeddced11d70845ff41cb49fd3aff057822ddedb49991614dde
599e7d24949bab602863af01456e0eee0bccb5ff650a679a4ee74248c59c8209
5a300278c9b15294d6a4e0a354c1d766fa1482ea44899238d9bbb55c533013d8
5c8ac955fbc3331e52a22e67539afec9ce12e9ef32b525b7fb240127af3bddc8
5cdf948f65cf951821da557dc5b8cc9067c64589070285feab8aa6f7c64657e0
5ce581a1bb3ae65bd553d034f9d5973dd8af7f856d2bd5efa095ed41cee7f949
5d310891fe2f1cfd19e14cc4e74f47ae90b95a9f981ff5e8d5d9ad15bd825448
5e38f16daac0a0e91bc5a45172eb85bb00d213e02f69507218cb370ccd109c05
5f535c3b2a3e766186afdfcdcc69c61bdabd63853a8a22b30795fa317b28c453
60753d7fdcfbff1bc5de6cfa1b1d7c4041e32257bebaa6459843f9e6e5dbe302
60e20b6d9d14fa44ca8ca91b46f8650c695793e879be3cf1fa6f8e2ba0561045
6103421bd04418c028aca18be8a8bdcdec1a4adb5ddf55d4df7b1a1b8091cfb2
61ceaf1b60e7aaa0335c98dee14f4ecbf073a35721165d2537a7f28cc847d271
6433b6ec31a00814e966e0371e83878f2d1ef41eaad768ef49bc2b2e978904cc
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
676084882f6d4503b99dd45799c96d842c82125889e0486b94d574bb049d616f
6777037b0e51300c38c4f883d509b4dd21ef11d133a40232d5b20506c19ecf1b
681841eebf9baa61026283e6217a4a9e09aa99c0758a9751d06c7321d95181ba
68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda
68e77da91189046891940034bc11feca9bd84f02ab7596b9e58fe7591e1b7691
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c3e9fd449a2e0ce8cd726df2af78ef10e4e0108f92821be8cf2ba47c02de67b
6da55789d39fc24c0fcef28e6fca1f32988c00cb0aadab8df57a5ee3395f8830
6ee5599420176d6c73cb80505f7d287e527d903336f0cfb2348ace130fb7d6f1
6faef2a9122a84c8ef399b819a303ed612e3aefded8e5dfca6419bc9a2677de3
6fb9b8cebbbfef320e8e27c8fb3e2d2020196dd03d626f45c28209c76fab311a
6fd6a46322d2786146e942182d44a1a1f2764912442c4f56b32d7a01e22d6f96
708c5f09bb1e3e8c8c5ee2cb96b536a1ef77c82a592367a6346f08d718377c47
70fb5e467e6e9b11cdb5b9963383e8baed587e0d142f8fffe27e2276b2028a13
71efc3882e0c113302fd1714b86e2e5337d12adb637094d4dea3b20f1b4f2bf9
7261ac909063abccd2f148d068599ffff4a1b14efaef9d4d6811346195f5fe9c
730412109bc24c266a27e4c2248182c8952c1ec999199851413a1779cd7d0ce7
7380c39ec1fbcf6ff16ff145bd0ed5033c2b84b41270dae4b05a327a19ba9e66
7483ffa917a42f3480fe85cfc28ed788040634e5621a93354600ff233228fdfa
74dec684ec726efc2a8cce698050eb6533b349c81d5a5ca266db974c75178c5c
75bee475e0eb4e9aa841f244bca9cabcf4652cc75ffed66e332173e2d636d379
776bf55e5c196430c0d9bb394fdc8a37ea7a55b6e3044ae8c0815d4a3bcc542f
78665d0ac40194fb3ee33425f3abc78ea27db05f3a7d16e8e4fd20617870fad2
78aa9262f738da06bc20697c43e98ec5be182771a96ef7c1b733b4ad53f42b4c
79980af9382b2ed28478d04a6b7e7119b4a3b4cf055978bf0bcf7fbe74a3136f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a4053bc97fcac5baff9a36621288588cdfe90c71851b5ddadc695d8f2e134b0
7ba47a6e08804b6b721e882e4aa7915db46b7c631f703686ace758dbc6f06ebd
7c0481820b1b3f25fa2ec17081cb573f5eb80b00db8b788c090f1c11b7183168
7d8609b3485504171df5b0db41bd91d15cbc2fcce6872b22967c92d356f3193e
7dbd01c955512768017faf49b10d59e76972ec1149602504f86fde6a7ecfa985
7e22819d3433cfdb5d3f848fee01b7cccc863970901de5efa3e80a7eadbd48c4
7e78ac302ebdef9842d5c628cef762ed1ad4b9650dd4915810cbf3cdaa86010c
7e9bb5e1dd4cc86243a847bd88bc20213c0506815b5e1531f617f63995583ad9
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
8084ba0a6b770ebad7c2008062cce2addda48238bae32f6b720766072ed2937b
82a61040198394ed6f9e59a3b5131bca0af02f194a690b977ea9b244d9897f27
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
858be89a3ea783d6bfd45ef5655038de9bb3100db6f7eaf5db736280940b71e1
859fc224dfddea3a5015809ea2d6f46bd8510f039046c3c158f7c018d8f5fbab
87d3abed87820941c3f8f4d8cc01563a8ef74d7886c948b9b0da3e3929bfce92
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
8a02230c43ba29adf90f383a2f20ed218cd7f10aa375284a800d5c9ea517c95d
8a452138116838a9e104da11be6bdd4e677cf95fa2ab2783fd6ff541f4f02bc7
8a68e4e1e0faf5cec1082b25b95f4d820985fda95177b826e7c16a70f5afae19
8aa778d80dc657014fdfefa5ee91700d7661df2064836430d14bc13345108b21
8ac1e08581c5691d74fb1a69b925f400e14db93ddc9451db0b72456e4af3a2f7
8afd8132abd29ec4f4e38e5088bc5cce3b8c65a97439a0f6cacfcf7975b9d144
8be8983ab007df1ba98857245f674b1ea7cebbf9bbb5c24db4962de653093fa4
8c81e09b55cfbf8adbf186cc23186123bfe3616b7166dc76ca0191a256db993e
8c9167e826f66ca8b7d386d5769af94766c105a165c2ac2b2eb1a9f6161ae7c5
8de83d25df5be87934ec0a1091c0ab13aedd0c8d0552cbc2e1e3d14ff147ab33
8ef3b7fb5ce04742cca1decb2b13e9f14c26aef4460c6fbb6d8e5ac66d608788
9037bd2f7fe56ecd899f1cf721a37f5e36e11cfd8a081ea1f8234b3aa721253f
91371ca414f6778247e5105673cd6d83a4a2e46f2eda8a273f88227b61e352bc
93f28a18a1df638b539f6bde99c048a50ad7b8a5643c6966a0546a0c50f7cace
943c6368a5480cf4d817121a274cfee0d86b65414ac092b208bd2f256bfac2d5
95cf5e4b3f56fa2d8aae7f6196f6cadb653b68b19520048c75a91ad12d6203df
97905a741cdb2fabb520b4a74056fbf405a508109b91da2f9fed2b4fdd5664b1
9b692ca9592b55685a6e20cd10f372d689508a42de4f3e84ce70ab2bd1c24a4f
9c5106cfc1835d6213c497eb31fd0b3f034a3630a33fd51ed1f020f370034b2b
9c82a2aef8b99c770c858139cd5eb9bc064f2bae847aed7fda70537fb06536f3
9fa3447a88a3b465eacad9919e18982321999b0a9ded0384b64bab78c59003ba
a056bcd83401b939f90b0b0511849c062c36d5e9b36ae20438b397d5fb33ec0b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a325694ffddd3454d6e0b41929dc8341aefa72d494a04815e7d329a16e1ed639
a5bba028c9f53ca22d5a27d89f290317350a67fba96a1d7a76227c657ca803a2
a6075974a4fc3d410f0ec1281028877e8ed036726a9ce38dbad3e82d7de32ab4
a67688ddcf966aaf218b1f154d3830ad065e23ef063d71b4f96436ab9a717a9a
a6a3283156db24254aec7fe7b93f88ef8193a0b61d31056cb5bb210617dcd626
a81c63aba10e09bcc2d1526b79b06f480439011f2555c274c00e3231e8a7656a
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7d852a9f889170b269f832803aeb8606d61faef92a09f3002b562a63298952
ab28525af13ce6f2aa74c54d16f533ee08d6df5555277b29093bb98a3df58a90
ab607690fecc69130def53f786be46af206751fdccc1f26092439b03572fb276
ac5f39c25e6abd3fbdae74e502ddd8d26fb91d031d391bae0d8d882217cde5f3
ac6002b55a7bc33de07da0fc1391dbd8b61598823a7768591aed4b0e4a5e421a
acb6e632d4ca2735f6b1d1203b78fd3debe50ca4f23e3b0f3aae38bdad9dcbb7
add3315d7a7bb82510756eb8828798744b2613a242d9388a73acc0b67b9101a9
af4a3949360bc20ee2dfbfb0c1cb8ecf174c1c0a172b7e06b2b7c9ba1d711ade
af7be825134f1bf25725a30ed66a3d9c593ed2e57ac26abaed288bb784fe8a52
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b132743c6a2881f37317b4e03c8c64ba93fa2457a77041b846d961ad13f6ac3e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1aa580790c9570b8d2487f59595d9fff842ebd0983e34964185c4173375c67b
b39b662997f28827a3d141e224cd93db44e6251335d0f0a19c5971c5f800aef0
b40c199ebf849324a001963864b6deffaca618617904dd9c99e5dcec4f29be68
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e
b51bfeff329c0195ee3437eb0cad7a24cecc800620b4e4c847fba2dd44cddc59
b8d5b8b3aba83295ca889eb14afa7e71c933440698302f648fb902048559606b
b94669d62b1a08f3e99eeca2a395ddc4b78bb99ea5c4c1c43b7a423c67dc2a37
b9a6fb1bcaf76a6aaaaed347ebb24a475685fd3bb6e07f87b288891347d4667c
ba52bcf8fa2e1fbb1fd3dc05b3c0946fd129ec68d2d5d6c6974801edbd90a1a0
bc92016452821960939643e008d184c29fb703819637a5c120994a15dea25451
bd63e35a02fd66adc12f758a9634a1d0ad407eddf70c0917cff5bd4483320bad
bd79ae07d75cd51ad13e70f96b2c69d2b6c3b5e9fcb91296b9dd7b6694fabaf3
bf970150374baa5cf3025b43b9172d1ef77dbd0f3d9859d72059912cb273f19b
bfcef82755bac56e01032d196dc587e851fcfb9a2a1882c7e283b9ea451a17a0
c1491420260414dc134fe61239a3c7c1716ba8d0f6fc123707722b2f286cca76
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2350603f4fec9abbab75cc906bf3bfd4d1714e104b17dad012dd2407174bfd4
c3b453a5bc1bfb161b03a27a1615250d0c7686db0805d8ef9e5d6a26a098cbcb
c4425bf79d38f326138bacaa3c55d3b01eb90cd641e3e0f56f88ac721b3902b3
c51a8d2c1b69e2c7a62b12ad85ba1b4a6e8dcae7df14e4a917937f47762752d8
c547ad7367130d18536d658e08f345c2379dfebd92035079ed1cd0ebe7a02d91
c578605de69c5848df9c75e27b82578f4800c8f866f4a95ba4f32e55239daece
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c85a6709dc39f549e4a522f61e2029a73c42a13c8f7aad181e2a60f57f9574e0
c8711e7fec7fc7124b43cc2cc5f6594852be5ea8548fa99b37ae4d91a1b3d4c5
ca2c8c7ec5f2b6f1be203368ecd6e4b00dfe8fb17b916963fe7ba54868d5e6b6
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cabd6c6e2ce478bc6a9344f5f75f501bbf6b7ba8fd54d7487e7a09279f3a34d7
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc1b61ce9cf9b130f5140227f7715833cee4bc7ffe8b79ae535fceb7bca2e75e
cc2efd0dc47177ffb2cb1b570e930d9953f420857d299c3c05366afc05f87568
cde7706a94ea59cdabf47cefabad4419ecdf0973ab6f66f3857bc54641131ed9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d30f436b9752f07747f2b72cc77985554918de4f9b5e74c65271c89e3b1501b6
d4ba7b41090aabbe09b55d93951cc7f37e685bf5d27fd3283e73d3e8fcf5bab3
d7a71d3dd740e95755227ba6446a3a21b8af6c4444f29ec2411dc7cd306e10b0
d7d7587027d68dc9103d5e5dd4154cad74effffdbacb4bb835d46818756e928e
d7dedb3ae8f4f67b040bd859c01894aa159963843e544b0fe2ceeaacb451d0bb
d80f6523545dad74a52c6afbc2db2210fa1418e86cdf000233c482e199ed8b79
d82baaaba877d809f798318973f863edf4c8a664fce86b796cf7310fc9d90988
d82ebc31b6566cb998481cb1ed1648c2d5d4af40076cb6bc6a8fcca7b738fb25
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d8a6e54eab1ed2e755b766031501397232bece4e068ce99e55778fa44b98e480
d9a92ee857d641345fcf38d17aca905cc0fc9355d9d13d76ff60e999acee449e
da6d3195e96bfbfe1cecd660de92fe05a71437900b1dff539a9d6f5e45c28277
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
daf9a29faaa9b5a3a465f3f5048a5c4a2737ca8a1af1c4e746fddbc8f9910968
dbd4ea5e26cff619ebe31130ce16126cdcaff265a697139b20c80a960954832f
dc5b5945c7eb323b051de03b7b7a296353523d2d4847b9ed8a948344e59c4728
dc887f124f649e95762713f34c6e7d8ef383571f6a354d916964732b1950664a
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e1069c844742374ce5d55bf288826350c3c5c26c1bcdbde43f76c51c8e2df535
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1c033fb24dbcdc0dc5d1acf1441bf18771adeea22bc5ad423f1cba47d68b72d
e28e015eeb5054af0819dfc34a2b778dfb1dd67d04d939e431c59c154cd8cd12
e31a5516051e3dcd6be48ada99dbf2d270db37dd3a304fded21e105f6c733bf5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49776ceeb988f46bfaccae155fa7e79b479aa6d7fffd408ddb22ad69e88a4e5
e5d1987f6cb1c813254f9986d2b0674990cb6696dfb325187220545f67579afd
e88766f9257d0fcab42980c1182bbcbdd7ba7ed435aab35b645d9c5a4279ffc7
e8e6b872b065edf8f89bf2e2aefc20554dd74fab1409b2f65a8c1d7401b724d6
ea813d9dbb90e51332aa2c4757dba0947a15420790f4f7a40a65c6f83446da15
eb2c8d425c933e13fc580aeec7793c0b5429044f58bb8e386071dda4a4659945
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ed19f70a06a3cee8f331195df96299b189d40dc2045862f4a5c1383815b725fd
ed583d56011d88ec5fdd34247d6c7690db6712dda088d7907eacabfa1ee60002
ed9521a670946301c25c7a90c7aa632344d496a696f1b788f4e465354ac1c86f
ee053a27a18fa6026d1dd96aee2dc7763176f9ec05090050148aadf2d607dc7f
ee21798eb15eee2aeea72f3d5bb954ba2d2fbb6b98e0b3a6892ad402bfccb60c
ee919d4b7c87e1eb916b03c24e78bc8ec4aa24c90e2d50c4d9b5623127f6bea2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb8d3fc8b90b38cbc75cb3f22e313a370f0eada11e7eba19e8047c6f60943dd
efdb19618ca9d33f08f499bb677f7a56e0b55b6e67582e86586ada7435c4495f
f017d1630a163790465f348b29d4721facb1d4353e695dd730b869e28e4bcd3d
f0b62978ffcb55c15d6d590f4d97462705e353def14ff9d92477be24758eb502
f1d5c63eb538181b48c9875d1c18d64e0e1b54807ed5aedd14bd851f8027c755
f2b97c6c468e6320415b970d6601933c3f6165e0db896fbd6a80ace5d478fb15
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f5487f82fbf666841454f849de133a2e4e95e2cb52e773b466cb2550f372b8ed
f564100347e9b3cc6448108ae2837d97eb49d3009154452879c4a146dd482183
f6b8d4bbca386d88e53391cdfbc3bbcbfac8bc9b295de835cfab134044f425ea
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7a268fe54141807077d99c931e63dc4ed814892add35accf4f92fb98b0030d0
f7bc1b794480ca073b0a3ff2bdfdd6d5171458d2828ea18e4b80edb151f2289d
f89f1fe1c86dc63bdd3668f2922215318bc10dc9ade1d22300121b41d541f726
fa7337e4bc30dd3db3861c272a32f98911b0bbf1a60557e0f124ba2713f35fd4
fa8c7373d2f717b45fde2355d085cdc33d70c08d5e5672a67b29a11b2935ad68
fbbe75f7ad2fe6f6a61bb1b59c94e8ff5953e9abd902fa6adeaaae619a4666b9
fd066aed6289ad451e34e57ca5b9ecdaeb91e080ee2ad71cac26e93544a38251
fd8b49558c88f79a4e600399d893e6ade60b8575936810a5c109aa5c69959b4a
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
fffe2bbb1e6c64b3540176029b620af1fcbbc30861c94299b895760b80cd7357

sky.pasukanantidepo.shop Open in urlscan Pro 2606:4700:3034::ac43:9ed3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

1765 Requests

92 %HTTPS

29 %IPv6

105 Domains

135 Subdomains

81 IPs

8 Countries

146074 kBTransfer

160930 kBSize

161 Cookies

30 Outgoing links

Redirected requests

1765 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sky.pasukanantidepo.shop Open in urlscan Pro
2606:4700:3034::ac43:9ed3 Public Scan

Screenshot
Live screenshot

Full Image

1765
Requests

92 %
HTTPS

29 %
IPv6

105
Domains

135
Subdomains

81
IPs

8
Countries

146074 kB
Transfer

160930 kB
Size

161
Cookies

1765 HTTP transactions
11 data transactions