questionw.pages.dev Open in urlscan Pro
172.66.44.174  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request syair-gucci-mas-2022 Show response questionw.pages.dev/	22 KB 6 KB	256ms 198ms	Document text/html	172.66.44.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.174 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c7e3a64002e67cda849e8e767d0e117b89f58da19d8618e8e8ce0765815f04c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language it-IT,it;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, must-revalidate cf-ray 8732769b7c4b0e5d-MXP content-encoding br content-type text/html; charset=utf-8 date Fri, 12 Apr 2024 10:16:51 GMT etag W/"619c1e18c5db12307a8f8a41796308aa" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7iYkd%2BVaBQde4HYDJMXOwg3DpM2Q2s7siDdWCFGZp04ZLh92UWEWoWmdNYBt%2Bmrlwdc%2BOHWPH4Z52vUn8K87YFAdCSPsuqfiDpkYXL%2FiOAwq4cOJy8LLPBTDfb4Hhd%2BzQdflAP8A"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff
GET		all.css questionw.pages.dev/themes/mundana/assets/css/	0 0
GET H2	200	css fonts.googleapis.com/	13 KB 2 KB	96ms 35ms	Stylesheet text/css	142.250.185.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lora:400,400i,700 Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f10.1e100.net Software ESF / Resource Hash 5996706ffd9dddf670da74af19bc451d2747dfea798a99621f629f652829646a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Fri, 12 Apr 2024 10:16:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 12 Apr 2024 10:16:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 12 Apr 2024 10:16:52 GMT
GET H3	200	main.css questionw.pages.dev/themes/mundana/assets/css/	209 KB 27 KB	129ms 128ms	Stylesheet text/css	172.66.44.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://questionw.pages.dev/themes/mundana/assets/css/main.css Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.174 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e08fe7de75861e4ca9650eb7e57031585bfcde836ae3f094fbc826a949cb902 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/syair-gucci-mas-2022 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"e36a38648f615c3474683f667876db97" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Npv22xZvEty8gsqH8M0sdYOoO8BSbRqErO6y0fAIp%2BoOfSQvhNHEe2ab5df6fhfxDKH2KhKKpORy4bb5LiMidOTE7hRNAB%2FuVKDQ24EZUuW04Dc0C5vt89dlsfk8NukcHZLrR9hu"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 8732769cae9e0e5d-MXP alt-svc h3=":443"; ma=86400
GET H3	200	theme.css questionw.pages.dev/themes/mundana/assets/css/	14 KB 4 KB	148ms 148ms	Stylesheet text/css	172.66.44.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://questionw.pages.dev/themes/mundana/assets/css/theme.css Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.174 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a69ce3b692d53219f75ad1667e1f1f8ce197a62ff52a6338807a1fe3f65639d2 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/syair-gucci-mas-2022 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6d867dc01c248b17636deae798115329" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8fCCEazGVxAJwpZMbdn5a7QgFKobw6vBpXXchuTUQMXu%2BtEQt%2FxSkKzts%2FZ%2Fg4yLni7%2BXqDntouwrOA8OzK2Gojo980cbq4gbZWIV3WGBb97RIRvZhX1zftsWJyu7EPHrJH4CYp"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 8732769caea00e5d-MXP alt-svc h3=":443"; ma=86400
GET H2	404	maxresdefault.jpg i.ytimg.com/vi/S2WOiATdkGc/	1 KB 1 KB	106ms 41ms	Image image/jpeg	142.250.185.214 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi/S2WOiATdkGc/maxresdefault.jpg Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.214 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f22.1e100.net Software sffe / Resource Hash 20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT x-content-type-options nosniff server sffe vary Origin content-type image/jpeg cache-control public, max-age=30 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1097 x-xss-protection 0 expires Fri, 12 Apr 2024 10:17:22 GMT
GET H/1.1	403 Forbidden	239f85d9889fca14d1545b9c850cefca.js pl16385118.highrevenuegate.com/23/9f/85/	0 0	353ms 114ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://pl16385118.highrevenuegate.com/23/9f/85/239f85d9889fca14d1545b9c850cefca.js Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.19.5 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 10:16:52 GMT Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Connection keep-alive Content-Length 0
GET H2	200	2f1dd3646c881dd0915fdb3bec000dc8.jpg i.pinimg.com/originals/2f/1d/d3/	93 KB 94 KB	398ms 324ms	Image image/jpeg	104.126.37.177 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/originals/2f/1d/d3/2f1dd3646c881dd0915fdb3bec000dc8.jpg Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-177.deploy.static.akamaitechnologies.com Software / Resource Hash 20a1ca5042001203376525459c3ba87fd16ad69e92432cdc4496dd3fb43c5a45 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-cdn akamai akamai-grn 0.ad257e68.1712917012.179265ce etag "bb5eef6b5135450a06ebfbaee288c5be" vary Origin content-type image/jpeg cache-control immutable, max-age=31536000 accept-ranges bytes content-length 95549 x-pinterest-cache-status-v2 Miss
GET H2	200	910991377a896ab56b20691cd97607ee.jpg i.pinimg.com/736x/91/09/91/	102 KB 102 KB	274ms 200ms	Image image/jpeg	104.126.37.177 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/736x/91/09/91/910991377a896ab56b20691cd97607ee.jpg Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-177.deploy.static.akamaitechnologies.com Software / Resource Hash de81e0168ce2ac03f49bfa5bbd90b2a45c1f51105c60dd8985583eb79f35ee22 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-cdn akamai akamai-grn 0.ad257e68.1712917012.179265c3 etag "8f3cf402b565d7f7ef2fa516791eee5a" vary Origin content-type image/jpeg cache-control immutable, max-age=31536000 accept-ranges bytes alt-svc h3=":443"; ma=600 content-length 104479 x-pinterest-cache-status-v2 Miss
GET		syair-hk-sgp-sdy-16-08-2022-03-9.jpg syairtogeljos.files.wordpress.com/2022/08/	0 0
GET H2	200	c486e541602ea6bdb08993fec8f6d0ca.jpg i.pinimg.com/736x/c4/86/e5/	51 KB 51 KB	247ms 173ms	Image image/jpeg	104.126.37.177 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://i.pinimg.com/736x/c4/86/e5/c486e541602ea6bdb08993fec8f6d0ca.jpg Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-126-37-177.deploy.static.akamaitechnologies.com Software / Resource Hash b3a62e400b4f42f82ae66ee666f78d0885a2472a26c4846de6496fed500d6539 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-cdn akamai akamai-grn 0.ad257e68.1712917012.179265cf etag "e0d96e2fef1728389dd9e6e43b7e80fb" vary Origin content-type image/jpeg cache-control immutable, max-age=31536000 accept-ranges bytes content-length 52356 x-pinterest-cache-status-v2 Miss
GET H3	200	placeholder.svg questionw.pages.dev/themes/mundana/assets/	1 KB 1 KB	152ms 152ms	Image image/svg+xml	172.66.44.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://questionw.pages.dev/themes/mundana/assets/placeholder.svg Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.174 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 476d72696b44e477b6e08be0890d8101b92fda0b66ef41a78bf8c51cff019344 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/syair-gucci-mas-2022 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"d74ce644468c19e8506aa63da7035284" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EdUghD%2Bt0WqW%2FjtXXA7BkT1k4iMhOA38hbUvBeHpIvQrT0ByxrYx3XyYVQvXqnqTIeFllhWMO35fatyhaERm5pAkFZgbAjwLGm%2FDNFfYbbLY8IDNDJl%2FYmih3y8UlEKTcuyW1D7R"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 8732769cbebb0e5d-MXP alt-svc h3=":443"; ma=86400
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	68ms 17ms	Script application/javascript	151.101.194.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.194.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Origin https://questionw.pages.dev Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 18114813 x-cache HIT, HIT content-length 30288 x-served-by cache-lga13622-LGA, cache-lin2290028-LIN last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1712917012.008781,VS0,VE0 etag W/"28feccc0-1538f" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 1, 248342
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/	54 KB 16 KB	99ms 51ms	Script application/javascript	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Origin https://questionw.pages.dev Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 864 strict-transport-security max-age=31536000; includeSubDomains; preload cdn-cachedat 03/26/2024 17:26:46 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:07 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"6895e8cd60b62646ce12426015888f58" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid fcbe11822721ac68524c70ebfc86197a timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 8732769d0cb1bab1-MXP cdn-requestpullsuccess True
GET H3	200	theme.js Show response questionw.pages.dev/themes/mundana/assets/js/	4 KB 2 KB	153ms 152ms	Script application/javascript	172.66.44.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://questionw.pages.dev/themes/mundana/assets/js/theme.js Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.174 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 356a3f976c3013567c4e7c267408f9c3b411ae63b2cd51bc902b6f9f896b8827 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/syair-gucci-mas-2022 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"412ffd7cb92bc41e3424a535caf29ec8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=09FJMYWGUXDlKuKXrvrEHalgWr27HAJvqVWbsvjo%2B2HfeIrt8M7mzln1LjCtIyoWTMGTGACRyNnLMasvCRdBJceVJtZ4naprMssBbxuDrl0WitmQBqE5g06CkeCr4nY36DX3qURC"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 8732769cbec10e5d-MXP alt-svc h3=":443"; ma=86400
GET H3	200	stats.js Show response questionw.pages.dev/themes/mundana/assets/js/	984 B 962 B	153ms 153ms	Script application/javascript	172.66.44.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://questionw.pages.dev/themes/mundana/assets/js/stats.js Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.174 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f3365558aca9550be3389c4bb54abe4e6ae9d27b228f9e3eb365d0c7be25dfe Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/syair-gucci-mas-2022 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"c93d5bc4186d0b98155dbbd86800d6bc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GtT4iEUcT4t7yla8eObCVncQms9QrA1rfXRm5oWY3ViUTw5HYTXCdQ12Egwe%2FgZbYGdkHP8DlshF0ut4%2BGydOZy52EUTa%2Bcymv9TUJrcRDVEoOYRLe24sc4SjIuoEiKV60tpNiAZ"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 8732769cbec50e5d-MXP alt-svc h3=":443"; ma=86400
GET H/1.1	403 Forbidden	2b89af084ef32e835d1e19152924ccfb.js pl15583704.highrevenuegate.com/2b/89/af/	0 0	353ms 120ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://pl15583704.highrevenuegate.com/2b/89/af/2b89af084ef32e835d1e19152924ccfb.js Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.19.5 / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 10:16:52 GMT Server nginx/1.19.5 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Connection keep-alive Content-Length 0
GET H2	200	0QIvMX1D_JOuMwr7Iw.woff2 fonts.gstatic.com/s/lora/v35/	37 KB 37 KB	85ms 26ms	Font font/woff2	172.217.23.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuMwr7Iw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lora:400,400i,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f3.1e100.net Software sffe / Resource Hash 16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://fonts.googleapis.com/ Origin https://questionw.pages.dev Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 06 Apr 2024 14:31:37 GMT x-content-type-options nosniff age 503115 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37764 x-xss-protection 0 last-modified Wed, 31 Jan 2024 23:11:20 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 06 Apr 2025 14:31:37 GMT
GET H2	404	th tse2.mm.bing.net/	1 KB 2 KB	206ms 138ms	Image image/jpeg	13.107.21.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://tse2.mm.bing.net/th?id=OIP.x5Mynsakv-_OCFbs5Jw19AHaJX Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 12 Apr 2024 10:16:51 GMT nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F7D4CC6722E145D6B2172BCAD38C5CA3 Ref B: MIL30EDGE0922 Ref C: 2024-04-12T10:16:52Z access-control-allow-methods GET, POST, OPTIONS x-cache TCP_MISS access-control-allow-origin * report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]} cache-control no-cache timing-allow-origin * access-control-allow-headers * content-length 1192 expires -1
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	96ms 39ms	Script text/javascript	104.20.66.115 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: questionw.pages.dev URL: https://questionw.pages.dev/syair-gucci-mas-2022 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.66.115 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 16 Apr 2020 10:44:16 GMT server cloudflare age 50548 etag "-375139978" vary Accept-Encoding content-type text/javascript cache-control max-age=28800 accept-ranges bytes cf-ray 8732769f5da4baee-MXP content-length 4547
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	49 B 183 B	353ms 116ms	Script text/html	149.56.240.127 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4763872&@f16&@g1&@h1&@i1&@j1712917012405&@k0&@l1&@m7%2B%20Syair%20Gucci%20Mas%202022%20%7C%20Questionw&@n0&@o1000&@q0&@r0&@s0&@tit-IT&@u1600&@b1:85909965&@b3:1712917012&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fquestionw.pages.dev%2Fsyair-gucci-mas-2022&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns534295.ip-149-56-240.net Software / Resource Hash 7dd3cd3717b907b8ae5490a923b6c39525b4acf3431a85fe000b804d265778f5 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 10:16:52 GMT Connection close Content-Length 49 Content-Type text/html;charset=UTF-8
GET H2	200	Arti-Mimpi-Selingkuh.jpg rumussoal.com/wp-content/uploads/2021/04/	53 KB 54 KB	560ms 183ms	Image image/jpeg	139.180.147.131 AS-CHOOPA
General Check archive.org Show headers Download Go to Show image Full URL https://rumussoal.com/wp-content/uploads/2021/04/Arti-Mimpi-Selingkuh.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.180.147.131 Singapore, Singapore, ASN20473 (AS-CHOOPA, US), Reverse DNS 139.180.147.131.vultrusercontent.com Software nginx / Resource Hash 5cbd3878a51ee60c933e39d1ba30b7f4953a7864bfabbe50269148d922eb2bc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff last-modified Fri, 09 Apr 2021 09:28:46 GMT server nginx content-encoding gzip etag W/"60701e4e-d557" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/jpeg cache-control max-age=31536000 x-xss-protection 1; mode=block expires Sat, 12 Apr 2025 10:16:37 GMT
GET H2	200	ERZGTVNXUAArg7-.jpg pbs.twimg.com/media/	76 KB 77 KB	558ms 464ms	Image image/jpeg	146.75.120.159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/media/ERZGTVNXUAArg7-.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.159 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6b1acf30e56dea81f83f65757aa6767f2db854989815081400b3d93530f96dfa Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=631138519 date Fri, 12 Apr 2024 10:16:53 GMT x-content-type-options nosniff x-cache MISS, MISS server-timing x-cache;desc=MISS, x-tw-cdn;desc=FT content-length 78029 x-served-by cache-lhr7335-LHR, cache-fra-etou8220093-FRA, cache-tw-ZZZ1 last-modified Sat, 22 Feb 2020 16:04:15 GMT x-tw-cdn FT content-type image/jpeg access-control-allow-origin * x-transaction-id f8e4a7f6541679f6 access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate perf 7402827104 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	Arti-Mimpi-Menangkap-Burung.jpg menurutparaahli.com/wp-content/uploads/2019/12/	19 KB 19 KB	887ms 819ms	Image image/jpeg	3.122.152.250 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://menurutparaahli.com/wp-content/uploads/2019/12/Arti-Mimpi-Menangkap-Burung.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.122.152.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-152-250.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash d48ae796dc8fd23b59b12830cb10f477b6208191812a42a9399ce4a320d640a1 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:53 UTC x-ezoic-excludewebp false response 200 last-modified Wed, 31 May 2023 07:51:33 GMT server nginx display staticcontent_sol etag "6476fc85-4c31-gzip" x-origin-cache-control max-age=315360000 vary Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin x-ezoic-cdn Miss content-type image/jpeg x-middleton-display staticcontent_sol cache-control max-age=315360000 x-middleton-response 200 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	Arti-Mimpi-Anak-Kucing.jpeg i2.wp.com/hewanpedia.com/wp-content/uploads/2021/11/	48 KB 49 KB	180ms 141ms	Image image/webp	192.0.77.2 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://i2.wp.com/hewanpedia.com/wp-content/uploads/2021/11/Arti-Mimpi-Anak-Kucing.jpeg?fit=1500,844&ssl=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS i1.wp.com Software nginx / Resource Hash fa8a1267f13d08f082cbb5aa2cb76e201a705bfebd72d08cd605eab57e41e8d3 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=86400 content-length 49612 x-nc MISS mxp 4 last-modified Fri, 12 Apr 2024 10:16:52 GMT server nginx etag "d70d83cdc296c49f" vary Accept access-control-allow-methods GET, HEAD content-type image/webp access-control-allow-origin * cache-control public, max-age=63115200 timing-allow-origin * link <https://hewanpedia.com/wp-content/uploads/2021/11/Arti-Mimpi-Anak-Kucing.jpeg>; rel="canonical" expires Sun, 12 Apr 2026 22:16:52 GMT
GET H2	200	w1tnt6b1ts351.jpg preview.redd.it/	50 KB 51 KB	311ms 258ms	Image image/webp	151.101.1.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://preview.redd.it/w1tnt6b1ts351.jpg?auto=webp&s=260716501ef0210033acba459afc80d2ff970fb4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.140 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash fc085e95a95a885f3cb8a0a496727444f291a91184295edcb80682f455c9b945 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-imo-features auto=webp date Fri, 12 Apr 2024 10:16:53 GMT via 1.1 varnish, 1.1 varnish nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2} x-envoy-upstream-service-time 139 content-length 51082 reddit-stats io=1 x-canonical-filename-image-generation 1 server snooserv vary Accept,X-Imo-Features,Origin x-reddit-backend 19c9ef79748590ad9aa38d61e4619c670768a73193aec6424a9f9b913b91 content-type image/webp reddit-io-info ifsz=59077 idim=666x960 ifmt=jpg ofsz=51082 odim=666x960 ofmt=webp report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} cache-control public, max-age=604800 x-reddit-pod-ip 10.104.106.10:8080 accept-ranges bytes
GET H2	200	maxresdefault.jpg i.ytimg.com/vi/IlYkpurbRdg/	131 KB 131 KB	124ms 123ms	Image image/jpeg	142.250.185.214 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi/IlYkpurbRdg/maxresdefault.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.214 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f22.1e100.net Software sffe / Resource Hash 982e616576648281e262c1aee57ddc2ece58e3d6e7f4a1a0c6f86290c0aea93f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 133880 x-xss-protection 0 server sffe etag "1602599323" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/jpeg cache-control public, max-age=7200 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 12 Apr 2024 12:16:52 GMT
GET		Prediksi-Hongkong-Jitu-09-Maret-2020.jpg prediksitogel.website/wp-content/uploads/2020/02/	0 0
GET H2	200	Gucci-Pin-HK-Harbour-City_01.jpg dam.harpersbazaar.mx/wp-content/uploads/2019/11/	649 KB 650 KB	155ms 49ms	Image image/jpeg	13.33.187.43 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dam.harpersbazaar.mx/wp-content/uploads/2019/11/Gucci-Pin-HK-Harbour-City_01.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.187.43 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-187-43.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 809fb9dc4613ccb0d945873b6fc6cca5121c239d1b3cd77e6d8afcb5a3a8b774 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 10 Apr 2024 15:11:32 GMT via 1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront) last-modified Sat, 09 Nov 2019 04:39:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P9 age 155121 etag "5937e709f97199e777255e9f4102798d" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=31536000 content-length 664177 x-amz-cf-id ajGPwccaVoZ5LoOjN76zLi6kS3oGJmILfczpbP0Kz0ecZs8TyGtO8g== expires Sun, 08 Nov 2020 04:39:08 GMT
GET H2	200	sddefault.jpg i.ytimg.com/vi/u4E6CmXkpX0/	71 KB 71 KB	91ms 91ms	Image image/jpeg	142.250.185.214 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi/u4E6CmXkpX0/sddefault.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.214 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f22.1e100.net Software sffe / Resource Hash cbf5339b650d4c6a86fc182dca5a7a68d4a64a781f66200f6b3b497251d90644 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/ Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72499 x-xss-protection 0 server sffe etag "1613239303" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/jpeg cache-control public, max-age=7200 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Fri, 12 Apr 2024 12:16:52 GMT
GET H3	200	favicon.ico questionw.pages.dev/themes/mundana/assets/	1 KB 2 KB	117ms 117ms	Other text/plain	172.66.44.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://questionw.pages.dev/themes/mundana/assets/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.174 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 779dcb1d58f80948a839dd3d5674985c9be2db026cfc87ac29c006fcb2879316 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/syair-gucci-mas-2022 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "c42b3e4efa00b0eeb8eee1220b6bb73c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aTvcUTT5arqcHRRC2%2FflES2rX9deonp3Z4eewYHYuB4tXse1wW%2B%2BCxA%2BPv8xWf%2BhrWrUHUwURg4m27Y5OrD6VbehQFrTRutAEk6kKXUSWghank%2B%2B%2BjnJDTwO%2FT%2Blp9kGMJ7mlXDe"}],"group":"cf-nel","max_age":604800} content-type null access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 873276a1dfc40e5d-MXP alt-svc h3=":443"; ma=86400 content-length 1150
GET H3	200	favicon.ico questionw.pages.dev/themes/mundana/assets/	1 KB 412 B	39ms 38ms	Other text/plain	172.66.44.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://questionw.pages.dev/themes/mundana/assets/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.174 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 779dcb1d58f80948a839dd3d5674985c9be2db026cfc87ac29c006fcb2879316 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/syair-gucci-mas-2022 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "c42b3e4efa00b0eeb8eee1220b6bb73c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7yFISA5mjSz4SVs%2BdSRXwVLF7Gan%2Fy9mUCPbcQUVJ86ypGA4K2zUSB%2BuvS5d8q9qXPYjBKWc9hB%2FSbIWZbjZjUnPNDhrqanspj7VTLBqX%2Br0KzTQ1q6fWTXVKRaGsH9JD1JEtPn"}],"group":"cf-nel","max_age":604800} content-type null access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 873276a2992c0e5d-MXP alt-svc h3=":443"; ma=86400 content-length 1150
GET H3	200	favicon.ico questionw.pages.dev/themes/mundana/assets/	1 KB 402 B	33ms 33ms	Other text/plain	172.66.44.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://questionw.pages.dev/themes/mundana/assets/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.174 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 779dcb1d58f80948a839dd3d5674985c9be2db026cfc87ac29c006fcb2879316 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/syair-gucci-mas-2022 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:52 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "c42b3e4efa00b0eeb8eee1220b6bb73c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oz11e9WByuaP9SavJVVJycqnkbusKTgVBSZpYoycQBLZLUBU43Weo2mGUFPWu9ye4RKf5759mxrrZnLV82qGuegR0S7x8e6FTNdoVPLquvZo3nDFPkZJXldXyPLofhkEnCIp85VS"}],"group":"cf-nel","max_age":604800} content-type null access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 873276a2d9b00e5d-MXP alt-svc h3=":443"; ma=86400 content-length 1150
GET H3	200	logo.png questionw.pages.dev/themes/mundana/assets/	580 B 1 KB	112ms 112ms	Other image/png	172.66.44.174 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://questionw.pages.dev/themes/mundana/assets/logo.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.66.44.174 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17edc2471e97c1c9b26245526301f7baab866a14a46cb0984bbaa3a8073f207d Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://questionw.pages.dev/syair-gucci-mas-2022 Accept-Language it-IT,it;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 12 Apr 2024 10:16:53 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "acf40f22c7dddc5096cc17004dde0cf1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THsJexXUBtA62EVwwVpDuqgDz3QEo7JuCvlHoE0BDmB9ptWwc91NER3EXZ6eQU7LHYAmxcWWpYLX4SR9WL0Qu8a8ooJOw7HkAsyeWMz0S2v5QfBk2Ikw%2FICkr3pBM%2BaTswrp6Uin"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 873276a31a040e5d-MXP alt-svc h3=":443"; ma=86400 content-length 580

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

questionw.pages.dev

URL

https://questionw.pages.dev/themes/mundana/assets/css/all.css

Domain

syairtogeljos.files.wordpress.com

URL

https://syairtogeljos.files.wordpress.com/2022/08/syair-hk-sgp-sdy-16-08-2022-03-9.jpg?w=605

Domain

prediksitogel.website

URL

https://prediksitogel.website/wp-content/uploads/2020/02/Prediksi-Hongkong-Jitu-09-Maret-2020.jpg

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| init function| $ function| jQuery object| bootstrap undefined| didScroll number| lastScrollTop number| delta number| navbarHeight function| hasScrolled function| loadSearch object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			questionw.pages.dev/	1970-01-21 04:34:13	Name: HstCfa4763872 Value: 1712917012405
			questionw.pages.dev/	1970-01-21 04:34:13	Name: HstCla4763872 Value: 1712917012405
			questionw.pages.dev/	1970-01-21 04:34:13	Name: HstCmu4763872 Value: 1712917012405
			questionw.pages.dev/	1970-01-21 04:34:13	Name: HstPn4763872 Value: 1
			questionw.pages.dev/	1970-01-21 04:34:13	Name: HstPt4763872 Value: 1
			questionw.pages.dev/	1970-01-21 04:34:13	Name: HstCnv4763872 Value: 1
			questionw.pages.dev/	1970-01-21 04:34:13	Name: HstCns4763872 Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.ytimg.com/vi/S2WOiATdkGc/maxresdefault.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://questionw.pages.dev/syair-gucci-mas-2022 Message: Refused to apply style from 'https://questionw.pages.dev/themes/mundana/assets/css/all.css' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://pl16385118.highrevenuegate.com/23/9f/85/239f85d9889fca14d1545b9c850cefca.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://pl15583704.highrevenuegate.com/2b/89/af/2b89af084ef32e835d1e19152924ccfb.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://tse2.mm.bing.net/th?id=OIP.x5Mynsakv-_OCFbs5Jw19AHaJX Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://questionw.pages.dev/syair-gucci-mas-2022 Message: Mixed Content: The page at 'https://questionw.pages.dev/syair-gucci-mas-2022' was loaded over HTTPS, but requested an insecure element 'http://prediksitogel.website/wp-content/uploads/2020/02/Prediksi-Hongkong-Jitu-09-Maret-2020.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
dam.harpersbazaar.mx
fonts.googleapis.com
fonts.gstatic.com
i.pinimg.com
i.ytimg.com
i2.wp.com
menurutparaahli.com
pbs.twimg.com
pl15583704.highrevenuegate.com
pl16385118.highrevenuegate.com
prediksitogel.website
preview.redd.it
questionw.pages.dev
rumussoal.com
s10.histats.com
s4.histats.com
stackpath.bootstrapcdn.com
syairtogeljos.files.wordpress.com
tse2.mm.bing.net
prediksitogel.website
questionw.pages.dev
syairtogeljos.files.wordpress.com
104.126.37.177
104.18.10.207
104.20.66.115
13.107.21.200
13.33.187.43
139.180.147.131
142.250.185.138
142.250.185.214
146.75.120.159
149.56.240.127
151.101.1.140
151.101.194.137
172.217.23.99
172.66.44.174
192.0.77.2
192.243.59.12
3.122.152.250
0c7e3a64002e67cda849e8e767d0e117b89f58da19d8618e8e8ce0765815f04c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50
17edc2471e97c1c9b26245526301f7baab866a14a46cb0984bbaa3a8073f207d
20a1ca5042001203376525459c3ba87fd16ad69e92432cdc4496dd3fb43c5a45
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e08fe7de75861e4ca9650eb7e57031585bfcde836ae3f094fbc826a949cb902
356a3f976c3013567c4e7c267408f9c3b411ae63b2cd51bc902b6f9f896b8827
36cbc8edf63260b8b3d9a827aee5ac721de768306c5231e22498de2c1232d358
476d72696b44e477b6e08be0890d8101b92fda0b66ef41a78bf8c51cff019344
4f3365558aca9550be3389c4bb54abe4e6ae9d27b228f9e3eb365d0c7be25dfe
5996706ffd9dddf670da74af19bc451d2747dfea798a99621f629f652829646a
5cbd3878a51ee60c933e39d1ba30b7f4953a7864bfabbe50269148d922eb2bc5
6b1acf30e56dea81f83f65757aa6767f2db854989815081400b3d93530f96dfa
779dcb1d58f80948a839dd3d5674985c9be2db026cfc87ac29c006fcb2879316
7dd3cd3717b907b8ae5490a923b6c39525b4acf3431a85fe000b804d265778f5
809fb9dc4613ccb0d945873b6fc6cca5121c239d1b3cd77e6d8afcb5a3a8b774
982e616576648281e262c1aee57ddc2ece58e3d6e7f4a1a0c6f86290c0aea93f
a69ce3b692d53219f75ad1667e1f1f8ce197a62ff52a6338807a1fe3f65639d2
b3a62e400b4f42f82ae66ee666f78d0885a2472a26c4846de6496fed500d6539
cbf5339b650d4c6a86fc182dca5a7a68d4a64a781f66200f6b3b497251d90644
d48ae796dc8fd23b59b12830cb10f477b6208191812a42a9399ce4a320d640a1
de81e0168ce2ac03f49bfa5bbd90b2a45c1f51105c60dd8985583eb79f35ee22
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
fa8a1267f13d08f082cbb5aa2cb76e201a705bfebd72d08cd605eab57e41e8d3
fc085e95a95a885f3cb8a0a496727444f291a91184295edcb80682f455c9b945